<?xml version='1.0' encoding='iso-2022-jp' ?>
<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.ja.xsl"?>
-<!-- English Revision: 219484:479777 (outdated) -->
+<!-- English Revision: 479777 -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
\e$BC/$+$,9T$-$?$$>l=j$K9T$1$k$h$&$K!"$"$k$$$OM_$7$$>pJs$r\e(B
\e$BF@$k$3$H$,$G$-$k$h$&$K$9$k$?$a$NA42aDx$r;X$7$^$9!#\e(B</p>
</summary>
-
+
<section id="related"><title>\e$B4XO"$9$k%b%8%e!<%k$H%G%#%l%/%F%#%V\e(B</title>
- <related>
- <modulelist>
- <module>mod_auth_basic</module>
- <module>mod_authn_file</module>
- <module>mod_authz_groupfile</module>
- <module>mod_authz_host</module>
- </modulelist>
-
- <directivelist>
- <directive module="mod_authz_host">Allow</directive>
- <directive module="mod_authz_groupfile">AuthGroupFile</directive>
- <directive module="core">AuthName</directive>
- <directive module="core">AuthType</directive>
- <directive module="mod_authn_file">AuthUserFile</directive>
- <directive module="mod_authz_host">Deny</directive>
- <directive module="core">Options</directive>
- <directive module="core">Require</directive>
- </directivelist>
- </related>
+<p>\e$BG'>Z$H>5G'$N=hM}$K4XO"$9$k\e(B 3 \e$B<oN`$N%b%8%e!<%k$,$"$j$^$9!#\e(B
+\e$B$=$l$>$l>/$J$/$H$b$R$H$D$:$DI,MW$G$9!#\e(B</p>
+
+<ul>
+ <li>\e$BG'>Z$N%?%$%W\e(B (
+ <directive module="core">AuthType</directive> \e$B%G%#%l%/%F%#%V;2>H\e(B)
+ <ul>
+ <li><module>mod_auth_basic</module></li>
+ <li><module>mod_auth_digest</module></li>
+ </ul>
+ </li>
+ <li>\e$BG'>Z%W%m%P%$%@\e(B (
+ <directive module="mod_auth_basic">AuthBasicProvider</directive>,
+ <directive module="mod_auth_digest">AuthDigestProvider</directive> \e$B%G%#%l%/%F%#%V;2>H\e(B)
+
+ <ul>
+ <li><module>mod_authn_anon</module></li>
+ <li><module>mod_authn_dbd</module></li>
+ <li><module>mod_authn_dbm</module></li>
+ <li><module>mod_authn_default</module></li>
+ <li><module>mod_authn_file</module></li>
+ <li><module>mod_authnz_ldap</module></li>
+ </ul>
+ </li>
+ <li>\e$B>5G'\e(B (
+ <directive module="core">Require</directive> \e$B%G%#%l%/%F%#%V;2>H\e(B)
+ <ul>
+ <li><module>mod_authnz_ldap</module></li>
+ <li><module>mod_authz_dbm</module></li>
+ <li><module>mod_authz_dbm</module></li>
+ <li><module>mod_authz_default</module></li>
+ <li><module>mod_authz_groupfile</module></li>
+ <li><module>mod_authz_host</module></li>
+ <li><module>mod_authz_owner</module></li>
+ <li><module>mod_authz_user</module></li>
+ </ul>
+ </li>
+</ul>
+
+ <p>\e$B$3$l$i$N%b%8%e!<%k$K2C$($F!"\e(B<module>mod_authn_core</module>
+ \e$B$H\e(B <module>mod_authz_core</module> \e$B$,$"$j$^$9!#\e(B
+ \e$B$3$N\e(B 2 \e$B$D$N%b%8%e!<%k$OG'>Z%b%8%e!<%k$K6&DL$J%3%"%G%#%l%/%F%#%V$r\e(B
+ \e$B<BAu$7$F$$$^$9!#\e(B</p>
+
+ <p><module>mod_authnz_ldap</module> \e$B$OG'>Z%W%m%P%$%@$H>5G'%W%m%P%$%@$N\e(B
+ \e$BN>J}$N5!G=$r;}$C$F$$$^$9!#\e(B
+ <module>mod_authz_host</module> \e$B$O%[%9%HL>!"\e(BIP \e$B%"%I%l%9$d\e(B
+ \e$B%j%/%(%9%H$NFCD'$K4p$E$$$?%"%/%;%9@)8f$r9T$$$^$9$,!"\e(B
+ \e$BG'>Z%W%m%P%$%@$N%7%9%F%`$N0lIt$G$O$"$j$^$;$s!#\e(B
+ mod_access \e$B$H$N8eJ}8_49@-$N$?$a!"\e(B
+ \e$B?7$7$$%b%8%e!<%k$N\e(B <module>mod_access_compat</module> \e$B$,$"$j$^$9!#\e(B</p>
+
+ <p>\e$BMM!9$J%"%/%;%9@)8f$N9T$J$$J}$K$D$$$F$O!"\e(B
+ <a href="access.html">\e$B%"%/%;%9@)8f\e(B</a>\e$B$NJ}K!$r$4Mw$/$@$5$$!#\e(B</p>
+
</section>
<section id="introduction"><title>\e$B$O$8$a$K\e(B</title>
<p>\e$B$3$NJ8=q$G$O!"B?$/$N?M$,:NMQ$9$k$G$"$m$&!"\e(B
\e$B%&%'%V%5%$%H$N0lItJ,$rJ]8n$9$k!V0lHLE*$J!W\e(B
\e$BJ}K!$K$D$$$F%+%P!<$7$F$$$^$9!#\e(B</p>
+
+ <note><title>\e$BCm0U\e(B</title>
+ <p>\e$B%G!<%?$,K\Ev$K5!L)$J$N$G$"$l$P!"G'>Z$K2C$($F$5$i$K\e(B
+ <module>mod_ssl</module> \e$B$r;H$&$HNI$$$G$7$g$&!#\e(B</p>
+ </note>
</section>
<section id="theprerequisites"><title>\e$B=`Hw\e(B</title>
\e$B$3$l$O$=$s$J$KFq$7$/$J$$$N$G!"$3$NJ8=qCf$G\e(B
\e$B%G%#%l%/%H%j9=B$$K$D$$$FCN$C$F$*$/I,MW$,$"$k>lLL$G$O!"\e(B
\e$BL@$i$+$K$J$k$h$&$K$7$^$9!#\e(B</p>
+
+ <p><module>mod_authn_core</module> \e$B$H\e(B <module>mod_authz_core</module>
+ \e$B$NN>J}$,\e(B httpd \e$B%P%$%J%j$K@EE*$KAH$_9~$_:Q$_$G$"$k$+!"\e(Bhttpd.conf
+ \e$B@_Dj%U%!%$%k$GF0E*$K%m!<%I$5$l$k$+$7$F!"\e(Bhttpd \e$B$KAH$_9~$^$l$F$$$J$1$l$P\e(B
+ \e$B$J$j$^$;$s!#$3$l$i$NFs$D$N%b%8%e!<%k$O!"@_Dj%U%!%$%k$N$J$+$GHs>o$K\e(B
+ \e$B=EMW$G%&%'%V%5!<%P$NG'>Z$H>5G'$G;HMQ$5$l$k%3%"%G%#%l%/%F%#%V$H\e(B
+ \e$B$=$N5!G=$rDs6!$7$F$$$^$9!#\e(B</p>
</section>
<section id="gettingitworking"><title>\e$BF0:n$5$;$k\e(B</title>
<p>\e$B$G$O!"%5!<%P>e$N$"$k%G%#%l%/%H%j$r%Q%9%o!<%I$GJ]8n$9$k\e(B
\e$B4pK\<j=g$r<($7$^$9!#\e(B</p>
- <p>\e$B%Q%9%o!<%I%U%!%$%k$r:n$kI,MW$,$"$j$^$9!#\e(B
- \e$B$3$N%U%!%$%k$O!"%&%'%V$+$i%"%/%;%9$G$-$k>l=j$K\e(B
+ <p>\e$B$^$:$O$8$a$K!"%Q%9%o!<%I%U%!%$%k$r:n$j$^$9!#\e(B
+ \e$B$I$NG'>Z%W%m%P%$%@$r;H$&$+$K$h$C$F!"%Q%9%o!<%I%U%!%$%k@8@.$N<j=g$O\e(B
+ \e$BBg$-$/0[$J$j$^$9!#$3$3$G$NNc$G$O!"<j;O$a$K%F%-%9%H%Q%9%o!<%I%U%!%$%k$r\e(B
+ \e$B;H$$$^$9!#\e(B</p>
+
+ <p>\e$B$3$N%Q%9%o!<%I%U%!%$%k$O!"%&%'%V$+$i%"%/%;%9$G$-$k>l=j$K\e(B
\e$BCV$/$Y$-$G$O$"$j$^$;$s!#B>$N?M$,%Q%9%o!<%I%U%!%$%k$r\e(B
\e$B%@%&%s%m!<%I$G$-$J$$$h$&$K$9$k$?$a$G$9!#Nc$($P!"\e(B
<code>/usr/local/apache/htdocs</code> \e$B$G%I%-%e%a%s%H$r\e(B
<p>
\e$B%U%!%$%k$r:n$k$?$a$K$O!"
\e(BApache
\e$BIUB0$N
\e(B <program>htpasswd</program>
\e$B$r;H$$$^$9!#$3$N%3%^%s%I$O\e(B Apache \e$B$r$I$3$K%$%s%9%H!<%k$7$h$&$H$b!"\e(B
\e$B%$%s%9%H!<%k%G%#%l%/%H%j$N\e(B <code>bin</code>
- \e$B%G%#%l%/%H%j0J2<$KCV$+$l$^$9!#%U%!%$%k$r:n$k$K$O!"<!$N$h$&$K\e(B
- \e$B%?%$%W$7$F$/$@$5$$!#\e(B</p>
+ \e$B%G%#%l%/%H%j0J2<$KCV$+$l$^$9!#%5!<%I%P!<%F%#@=$N%Q%C%1!<%8$G\e(B
+ \e$B%$%s%9%H!<%k$7$?>l9g$O!"<B9T%Q%9$NCf$G8+$D$+$k$G$7$g$&!#\e(B</p>
+
+ <p>\e$B%U%!%$%k$r:n$k$K$O!"<!$N$h$&$K%?%$%W$7$F$/$@$5$$!#\e(B</p>
<example>
htpasswd -c /usr/local/apache/passwd/passwords rbowen
<p>
\e$B$b$7
\e(B <program>htpasswd</program>
\e$B$,%Q%9$NCf$KF~$C$F$$$J$$>l9g$O!"
\e(B
\e$B$b$A$m$s!"<B9T$9$k$?$a$K%W%m%0%i%`$^$G$N%U%k%Q%9$r\e(B
- \e$B%?%$%W$9$kI,MW$,$"$j$^$9!#;d$N%5!<%P$G$"$l$P!"\e(B
+ \e$B%?%$%W$9$kI,MW$,$"$j$^$9!#%G%U%)%k%H$N%$%s%9%H!<%k>uBV$G$"$l$P!"\e(B
<code>/usr/local/apache/bin/htpasswd</code>
\e$B$K%W%m%0%i%`$,CV$+$l$F$$$^$9!#\e(B</p>
\e$B$rJ]8n$7$?$$>l9g$O!"\e(B
<code>/usr/local/apache/htdocs/secret/.htaccess</code>
\e$B$+\e(B httpd.conf \e$BCf$N\e(B <Directory
- /usr/local/apache/apache/htdocs/secret> \e$B%;%/%7%g%s$K\e(B
+ /usr/local/apache/htdocs/secret> \e$B%;%/%7%g%s$K\e(B
\e$BG[CV$7$F!"<!$N%G%#%l%/%F%#%V$r;H$&$3$H$,$G$-$^$9!#\e(B</p>
<example>
AuthType Basic<br />
AuthName "Restricted Files"<br />
+ # (Following line optional)<br />
+ AuthBasicProvider file<br />
AuthUserFile /usr/local/apache/passwd/passwords<br />
Require user rbowen
</example>
\e$B$G<BAu$5$l$F$$$^$9!#$7$+$7$J$,$i!"\e(B
\e$B$3$l$O5$$rIU$1$k$Y$-=EMW$J%]%$%s%H$J$N$G$9$,!"\e(B
Basic \e$BG'>Z$O%/%i%$%"%s%H$+$i%5!<%P$X!"\e(B
- \e$B%Q%9%o!<%I$r0E9f2=$;$:$KAw$j$^$9!#$G$9$+$i!"\e(B
- \e$B$3$NJ}K!$OFC$K5!L)@-$N9b$$%G!<%?$KBP$7$F$OMQ$$$k$Y$-$G$O\e(B
+ \e$B%Q%9%o!<%I$r0E9f2=$;$:$KAw$j$^$9!#$G$9$+$i$3$NJ}K!$O!"\e(B
+ <module>mod_ssl</module> \e$B$HAH$_9g$o$;$J$$>uBV$G$O!"\e(B
+ \e$BFC$K5!L)@-$N9b$$%G!<%?$KBP$7$F$OMQ$$$k$Y$-$G$O\e(B
\e$B$"$j$^$;$s!#\e(B Apache \e$B$G$O$b$&0l$DJL$NG'>ZJ}K!\e(B:
<code>AuthType Digest</code> \e$B$r%5%]!<%H$7$F$$$^$9!#\e(B
\e$B$3$NJ}K!$O\e(B <module>mod_auth_digest</module>
\e$B$G<BAu$5$l$F$$$F!"$b$C$H0BA4$G$9!#\e(B
- \e$B$4$/$4$/:G6a$N%/%i%$%"%s%H$7$+\e(B Digest
- \e$BG'>Z$r%5%]!<%H$7$F$$$J$$$h$&$G$9!#\e(B</p>
+ \e$B:G6a$N%/%i%$%"%s%H$O\e(B Digest
+ \e$BG'>Z$r%5%]!<%H$7$F$$$k$h$&$G$9!#\e(B</p>
<p><directive module="core">AuthName</directive>
\e$B%G%#%l%/%F%#%V$G$O!"G'>Z$K;H$&\e(B <dfn>Realm</dfn> (\e$BLuCm\e(B: \e$BNN0h\e(B)
\e$B%5!<%P$N%[%9%HL>$,JQ$o$l$P$$$D$G$bI,$:!"\e(B
\e$B%/%i%$%"%s%H$O:F$S%Q%9%o!<%I$r?R$M$kI,MW$,$"$j$^$9!#\e(B</p>
+ <p><directive
+ module="mod_auth_basic">AuthBasicProvider</directive>
+ \e$B$O%G%U%)%k%HCM$,\e(B <code>file</code> \e$B$J$N$G!":#2s$N>l9g$OL5$/$F$b9=$$$^$;$s!#\e(B
+ <module>mod_authn_dbm</module> \e$B$d\e(B <module>mod_authn_dbd</module>
+ \e$B$H$$$C$?B>$N%b%8%e!<%k$r;H$&>l9g$K$OI,MW$K$J$j$^$9!#\e(B
+ </p>
+
<p><directive module="mod_authn_file">AuthUserFile</directive>
\e$B%G%#%l%/%F%#%V$O
\e(B <program>htpasswd</program>
\e$B$G:n$C$?
\e(B
\e$B%Q%9%o!<%I%U%!%$%k$X$N%Q%9$r@_Dj$7$^$9!#\e(B
<example>
AuthType Basic<br />
AuthName "By Invitation Only"<br />
+ # Optional line:<br />
+ AuthBasicProvider file<br />
AuthUserFile /usr/local/apache/passwd/passwords<br />
AuthGroupFile /usr/local/apache/passwd/groups<br />
Require group GroupName
\e$B$=$N;~$OB>$NG'>ZJ}K!$r9MN8$KF~$l$?J}$,NI$$$G$7$g$&!#\e(B</p>
</section>
-<section id="whatotherneatstuffcanido"><title>\e$B$b$C$H9*$_$K@)8f$G$-$J$$\e(B
-?</title>
- <p>\e$B%f!<%6L>$H%Q%9%o!<%I$K$h$kG'>Z$OG'>Z$N0l$D$NJ}K!$K2a$.$^$;$s!#\e(B
- \e$B$7$P$7$PC/$G$"$k$+$H$$$&$3$H$H$O0c$&2?$+$K4p$E$$$F!"\e(B
- \e$BF~$l$k$h$&$K$7$?$/$J$k$3$H$b$"$k$G$7$g$&!#\e(B
- \e$BNc$($P$=$N?M$,$I$3$+$iMh$F$$$k$+$H$$$C$?$3$H$G$9!#\e(B</p>
+<section id="dbmdbd"><title>\e$B%Q%9%o!<%I$NJ]B87A<0$rJQ$($k\e(B</title>
+
+ <p>\e$B%W%l!<%s%F%-%9%H$G%Q%9%o!<%I$rJ]B8$9$kJ}K!$K$O>e5-$NLdBj$,$"$j!"\e(B
+ \e$B%G!<%?%Y!<%9$N$h$&$JJL$N>l=j$K%Q%9%o!<%I$rJ]B8$7$?$$$H;W$&\e(B
+ \e$B$+$b$7$l$^$;$s!#\e(B</p>
- <p><directive module="mod_authz_host">Allow</directive> \e$B$H\e(B
- <directive module="mod_authz_host">Deny</directive>
- \e$B%G%#%l%/%F%#%V$r;H$C$F!"%I%-%e%a%s%H$rMW5a$7$F$-$?%^%7%s$N\e(B
- \e$B%[%9%HL>$d%[%9%H%"%I%l%9$K4p$E$$$F5v2DIT5v2D$r@)8f$G$-$^$9!#\e(B
- <directive module="mod_authz_host">Order</directive>
- \e$B%G%#%l%/%F%#%V$O$3$NFs$D$HO"7H$7$FF0:n$7!"\e(BApache
- \e$B$K$I$N=gHV$G%U%#%k%?$rE,MQ$9$k$+$rCN$i$;$^$9!#\e(B</p>
+ <p><module>mod_authn_dbm</module> \e$B$H\e(B <module>mod_authn_dbd</module>
+ \e$B$r;H$&$H!"$=$l$,$G$-$k$h$&$K$J$j$^$9!#\e(B
+ <directive module="mod_auth_basic">AuthBasicSource</directive>
+ \e$B$G\e(B file \e$B$NBe$o$j$K!"\e(B<code>dbm</code> \e$B$"$k$$$O\e(B <code>dbd</code>
+ \e$B$r3JG<7A<0$H$7$FA*$Y$^$9!#\e(B</p>
- <p>\e$B$3$l$i$N%G%#%l%/%F%#%V$N;H$$J}$O<!$N$h$&$K$J$j$^$9!#\e(B</p>
+ <p>\e$B%F%-%9%H%U%!%$%k$NBe$o$j$K\e(B dbm \e$B%U%!%$%k$rA*Br$9$k>l9g$O!"$?$H$($P<!$N$h$&$K$7$^$9!#\e(B</p>
<example>
- Allow from <var>address</var>
+ <Directory /www/docs/private><br />
+ AuthName "Private"<br />
+ AuthType Basic<br />
+ AuthBasicProvider dbm<br />
+ AuthDBMUserFile /www/passwords/passwd.dbm<br />
+ Require valid-user<br />
+ </Directory>
</example>
- <p>\e$B$3$3$G!"\e(B<var>address</var> \e$B$O\e(B IP \e$B%"%I%l%9\e(B
- (\e$B$^$?$O\e(B IP \e$B%"%I%l%9$N0lIt\e(B)\e$B!"$"$k$$$O40A4=$>~%I%a%$%sL>\e(B
- (\e$B$^$?$O%I%a%$%sL>$N0lIt\e(B) \e$B$G$9!#\e(B
- \e$BI,MW$G$"$l$PJ#?t$N%"%I%l%9$d%I%a%$%sL>$r;XDj$G$-$^$9!#\e(B</p>
-
- <p>\e$BNc$($P!"$b$7C/$+$,7G<(HD$r967b$7$F$$$F!"\e(B
- \e$B$=$N?M$rJD$a=P$7$?$$$N$G$"$l$P!"\e(B
- \e$B<!$N$h$&$K$9$k$3$H$,$G$-$^$9!#\e(B</p>
+ <p>\e$B$3$NB>$N%*%W%7%g%s$bB8:_$7$^$9!#>\:Y$K4X$7$F$O\e(B
+ <module>mod_authn_dbm</module> \e$B$N%I%-%e%a%s%H$r$4Mw$/$@$5$$!#\e(B</p>
+</section>
- <example>
- Deny from 205.252.46.165
- </example>
+<section id="multprovider"><title>\e$BJ#?t$N%W%m%P%$%@$r;HMQ$9$k\e(B</title>
- <p>\e$B$3$N%"%I%l%9$+$iMh$k?M$O!"$3$N%G%#%l%/%F%#%V$NHO0OFb$N\e(B
- \e$B%3%s%F%s%D$r8+$k$3$H$,$G$-$J$$$^$;$s!#$b$7\e(B IP
- \e$B%"%I%l%9$NBe$o$j$K%^%7%sL>$,$"$l$P!"$=$l$r;H$($^$9!#\e(B</p>
+ <p>\e$BG'>Z>5G'%"!<%-%F%/%A%c$K4p$E$$$F$$$k?7$7$$%W%m%P%$%@$r;H$&$H!"\e(B
+ \e$BG'>Z>5G'$NJ}K!$r$R$H$D$KG{$kI,MW$,$J$/$J$j$^$9!#\e(B
+ \e$B$$$/$D$b$N%W%m%P%$%@$rAH$_9g$o$;$F!"<+J,$NK>$_$N5sF0$K$G$-$^$9!#\e(B
+ \e$B<!$NNc$G$O\e(B file \e$BG'>Z%W%m%P%$%@$H\e(B ldap \e$BG'>Z%W%m%P%$%@$r\e(B
+ \e$BAH$_9g$o$;$F$$$^$9!#\e(B</p>
<example>
- Deny from <var>host.example.com</var>
+ <Directory /www/docs/private><br />
+ AuthName "Private"<br />
+ AuthType Basic<br />
+ AuthBasicProvider file ldap<br />
+ AuthUserFile /usr/local/apache/passwd/passwords<br />
+ AuthLDAPURL ldap://ldaphost/o=yourorg<br />
+ Require valid-user
</example>
- <p>\e$B%I%a%$%sA4BN$+$i$N%"%/%;%9$rKI$.$?$1$l$P!"\e(B
- \e$BC1$K%"%I%l%9$d%I%a%$%sL>$N0lIt$r;XDj$9$k$3$H$,$G$-$^$9!#\e(B</p>
+ <p>\e$B$3$NNc$G$O!"$^$:\e(B file \e$B%W%m%P%$%@$,%f!<%6G'>Z$r;n$_$^$9!#\e(B
+ \e$BG'>Z$G$-$J$+$C$?>l9g$K$O!"\e(Bldap \e$B%W%m%P%$%@$,8F$S=P$5$l$^$9!#\e(B
+ \e$BAH?%$GJ#?t$NG'>Z3JG<J}K!$r;H$C$F$$$k:]$J$I$K!"\e(B
+ \e$B$3$NJ}K!$r;H$C$FG'>Z$N%9%3!<%W$r3HBg$G$-$^$9!#\e(B
+ \e$B$b$&$R$H$D$N%7%J%j%*$O!"$R$H$D$NG'>Z%?%$%W$H0[$J$k>5G'$r\e(B
+ \e$BAH$_9g$o$;$kJ}K!$G$7$g$&!#$?$H$($P!"%Q%9%o!<%I%U%!%$%k$GG'>Z$7$F!"\e(B
+ ldap \e$B%G%#%l%/%H%j$G>5G'$r9T$&$H$$$C$?>l9g$G$9!#\e(B</p>
+
+ <p>\e$BG'>Z%W%m%P%$%@$rJ#?t<BAu$G$-$k$h$&$K!">5G'J}K!$bJ#?t;HMQ$G$-$^$9!#\e(B
+ \e$B$3$NNc$G$O\e(B file \e$B%0%k!<%W>5G'$H\e(B ldap \e$B%0%k!<%W>5G'$r;H$C$F$$$^$9!#\e(B</p>
<example>
- Deny from <var>192.101.205</var><br />
- Deny from <var>cyberthugs.com</var> <var>moreidiots.com</var><br />
- Deny from ke
+ <Directory /www/docs/private><br />
+ AuthName "Private"<br />
+ AuthType Basic<br />
+ AuthBasicProvider file<br />
+ AuthUserFile /usr/local/apache/passwd/passwords<br />
+ AuthLDAPURL ldap://ldaphost/o=yourorg
+ AuthGroupFile /usr/local/apache/passwd/groups<br />
+ Require group GroupName<br />
+ Require ldap-group cn=mygroup,o=yourorg
</example>
- <p><directive module="mod_authz_host">Order</directive> \e$B$r;H$&$3$H$G!"\e(B
- <directive module="mod_authz_host">Deny</directive> \e$B$H\e(B
- <directive module="mod_authz_host">Allow</directive> \e$B$NAH$_9g$o$;$G\e(B
- \e$BF~$C$F$bNI$$%0%k!<%W$,K\Ev$K3N<B$K8BDj$G$-$F$$$k$h$&$K$G$-$^$9!#\e(B</p>
+ <p>\e$B>5G'$r$h$j:Y$+$/@)8f$7$?$$>l9g$O!"\e(B
+ <directive module="mod_authz_core"><SatisfyAll></directive> \e$B$H\e(B
+ <directive module="mod_authz_core"><SatisfyOne></directive>
+ \e$B%G%#%l%/%F%#%V$r;H$C$F\e(B AND/OR \e$B%m%8%C%/$G;XDj$7!"@_Dj%U%!%$%k$G\e(B
+ \e$B>5G'$N=hM}=gHV$N@)8f$,$G$-$k$h$&$K$J$C$F$$$^$9!#\e(B
+ \e$B$3$l$i$N%G%#%l%/%F%#%V$r$I$N$h$&$K;H$($k$+!"LVMe$7$?Nc$r$4Mw$/$@$5$$!#\e(B</p>
- <example>
- Order deny,allow<br />
- Deny from all<br />
- Allow from <var>dev.example.com</var>
- </example>
+</section>
+
+<section id="beyond"><title>\e$BC1=c$J>5G'$N$=$N@h\e(B</title>
+
+ <p>\e$B>5G'$NJ}K!$O!"$R$H$D$N%G!<%?%=!<%9$r8+$F0l2s$@$1%A%'%C%/$9$k$N$HHf$Y$F!"\e(B
+ \e$B$:$C$HB?:L$JE,MQJ}K!$,$G$-$^$9!#\e(B
+ \e$B>5G'=hM}$NE,MQ=g=x$d@)8f!"A*Br$,$G$-$k$h$&$K$J$j$^$7$?!#\e(B</p>
+
+ <section id="authandororder"><title>AND/OR \e$B%m%8%C%/$NE,MQ$H=g=xIU$1\e(B</title>
+ <p>\e$B>5G'$,$I$N$h$&$J=g=x$GE,MQ$5$l$F$$$k$+!"$^$?!"$=$l$r$I$N$h$&$K@)8f$9$k$+$O!"\e(B
+ \e$B$3$l$^$G:.Mp$r>7$$$F$$$^$7$?!#\e(B
+ Apache 2.2 \e$B$G$O%W%m%P%$%@%Y!<%9$NG'>Z%a%+%K%:%`$,F3F~$5$l!"\e(B
+ \e$B>5G'=hM}$+$iG'>Z=hM}$H%5%]!<%H5!G=$H$,@Z$jJ,$1$i$l$^$7$?!#\e(B
+ \e$B$3$l$K$h$k$R$H$D$N8z2L$H$7$F!"\e(B
+ \e$BG'>Z%b%8%e!<%k$N%m!<%I=g$d%b%8%e!<%k<+BN$N=g=x$K0MB8$9$k$3$H$J$/!"\e(B
+ \e$B;XDj$7$?=gHV$GG'>Z%W%m%P%$%@$,8F$S=P$;$k$h$&!"\e(B
+ \e$B@_Dj$G$-$k$h$&$K$J$j$^$7$?!#\e(B
+ \e$B$3$N%W%m%P%$%@%a%+%K%:%`$O>5G'=hM}$G$bF3F~$5$l$F$$$^$9!#\e(B
+ \e$B$D$^$j!"\e(B<directive module="mod_authz_core">Require</directive>
+ \e$B%G%#%l%/%F%#%V$OC1$K$I$N>5G'<jK!$,;H$o$l$k$+$r;XDj$9$k$@$1$G$O$J$/!"\e(B
+ \e$B$=$l$i$N8F$S=P$7=g=x$b;XDj$G$-$k$h$&$K$J$j$^$7$?!#\e(B
+ \e$BJ#?t$N>5G'<jK!$,$"$k$H$-!"$=$N8F$S=P$7=g$O!"@_Dj%U%!%$%k$N\e(B
+ <directive module="mod_authz_core">Require</directive> \e$B%G%#%l%/%F%#%VCf$G\e(B
+ \e$B8=$l$?=g=x$HF1$8$K$J$j$^$9!#\e(B</p>
+
+ <p>\e$BDI2C$GF3F~$5$l$?\e(B
+ <directive module="mod_authz_core"><SatisfyAll></directive>,
+ <directive module="mod_authz_core"><SatisfyOne></directive>
+ \e$B%G%#%l%/%F%#%V$r;H$C$F!">5G'<jK!$,$$$D8F$S=P$5$l!"%"%/%;%9$,5v2D$5$l$?:]$K\e(B
+ \e$B$I$N<jB3$-$,E,MQ$5$l$k$+;XDj$9$k$3$H$,$G$-$^$9!#\e(B
+ \e$B$?$H$($P!"<!$N>5G'%V%m%C%/$N%m%8%C%/$r8+$F$_$^$7$g$&\e(B:</p>
+
+ <example>
+ # if ((user == "John") ||<br />
+ # ((Group == "admin")<br />
+ # && (ldap-group <ldap-object> contains auth'ed_user)<br />
+ # && ((ldap-attribute dept == "sales")<br />
+ # || (file-group contains auth'ed_user))))<br />
+ # then<br />
+ # auth_granted<br />
+ # else<br />
+ # auth_denied<br />
+ #<br />
+ <Directory /www/mydocs><br />
+ <indent>
+ Authname ...<br />
+ AuthBasicProvider ...<br />
+ ...<br />
+ Require user John<br />
+ <SatisfyAll><br />
+ <indent>
+ Require Group admins<br />
+ Require ldap-group cn=mygroup,o=foo<br />
+ <SatisfyOne><br />
+ <indent>
+ Require ldap-attribute dept="sales"<br />
+ Require file-group<br />
+ </indent>
+ </SatisfyOne><br />
+ </indent>
+ </SatisfyAll><br />
+ </indent>
+ </Directory>
+ </example>
+
+ <p>\e$B%G%U%)%k%H$G$O\e(B <directive module="mod_authz_core">Require</directive>
+ \e$B%G%#%l%/%F%#%V$O\e(B OR \e$BA`:n$H$7$F07$o$l$^$9!#$D$^$j!"$b$7;XDj$7$?>5G'<jK!$N\e(B
+ \e$B$R$H$D$G$b9g3J$9$l$P!">5G'$5$l$^$9!#\e(B
+ <directive module="mod_authz_core">Require</directive> \e$B%G%#%l%/%F%#%V$N%;%C%H$r\e(B
+ \e$B$R$H$D$N\e(B <directive module="mod_authz_core"><SatisfyAll></directive>
+ \e$B%V%m%C%/$G0O$`$H\e(BAND \e$BA`:n$H$J$j!"A4$F$N>5G'<jK!$G9g3J$7$J$1$l$P5v2D$5$l$^$;$s!#\e(B</p>
+
+ </section>
+
+ <section id="reqaccessctrl"><title>\e$B%"%/%;%9@)8f$K$*$1$k\e(B Require \e$B$H\e(B Reject \e$B$N;H$$J}\e(B</title>
+ <p>\e$B%f!<%6L>$H%Q%9%o!<%I$K$h$kG'>Z$OA4BN$N0lItJ,$G$7$+$"$j$^$;$s!#\e(B
+ \e$BC/$,%"%/%;%9$7$F$-$?$+$H$$$C$?>pJs0J30$N>r7o$r;H$$$?$$!"\e(B
+ \e$B$H$h$/;W$&$3$H$G$7$g$&!#\e(B
+ \e$B$?$H$($P!"$I$3$+$i%"%/%;%9$7$F$-$F$$$k$+!"$H$$$C$?6q9g$G$9!#\e(B</p>
+
+ <p>\e$B>5G'%W%m%P%$%@\e(B <directive module="mod_authz_host">all</directive>,
+ <directive module="mod_authz_host">env</directive>,
+ <directive module="mod_authz_host">host</directive>,
+ <directive module="mod_authz_host">ip</directive>
+ \e$B$r;H$&$H!"%j%/%(%9%H$rAw?.$7$F$-$F$$$k%^%7%s$N%[%9%HL>$d\e(B IP \e$B%"%I%l%9\e(B
+ \e$B$H$$$C$?!"%[%9%H%Y!<%9$G$N%"%/%;%9@)8f$,$G$-$^$9!#\e(B</p>
+
+ <p>\e$B$3$l$i%W%m%P%$%@$N07$$$O\e(B
+ <directive module="mod_authz_core">Require</directive> \e$B$d\e(B
+ <directive module="mod_authz_core">Reject</directive> \e$B$G\e(B
+ \e$B;XDj$5$l$^$9!#$3$l$i$N%G%#%l%/%F%#%V$O>5G'%W%m%P%$%@$rEPO?$7!"\e(B
+ \e$B%j%/%(%9%H=hM}$N>5G'CJ3,$G8F$S=P$5$l$^$9!#$?$H$($P\e(B:</p>
+
+ <example>
+ Require ip <var>address</var>
+ </example>
+
+ <p>\e$B$3$3$G!"\e(B<var>address</var> \e$B$O\e(B IP \e$B%"%I%l%9\e(B (\e$B$"$k$$$O\e(B IP \e$B%"%I%l%9$N\e(B
+ \e$B0lIt\e(B) \e$B$+\e(B : </p>
+
+ <example>
+ Require host <var>domain_name</var>
+ </example>
+
+ <p>\e$B$3$3$G\e(B <var>domain_name</var> \e$B$O\e(B FQDN (\e$B$"$k$$$O%I%a%$%sL>$N0lIt\e(B)
+ \e$B$G!"I,MW$G$"$l$PJ#?t$N%"%I%l%9$d%I%a%$%sL>$r=q$/$3$H$,$G$-$^$9!#\e(B</p>
+
+ <p>\e$B$?$H$($P!"%9%Q%`%a%C%;!<%8$rAw?.$7$F$/$kC/$+$r5qH]$7$?$$>l9g!"\e(B
+ \e$B<!$N$h$&$K$J$j$^$9\e(B : </p>
+
+ <example>
+ Reject ip 10.252.46.165
+ </example>
+
+ <p>\e$B$3$N%G%#%l%/%F%#%V$,M-8z$JHO0O$N%3%s%F%s%D$KBP$7$F$O!"\e(B
+ \e$B$=$N%"%I%l%9$+$i%"%/%;%9$7$F$-$F$b8+$k$3$H$,$G$-$^$;$s!#\e(B
+ \e$B$b$7%^%7%sL>$,$o$+$C$F$$$F\e(B IP \e$B%"%I%l%9$h$j$b$=$A$i$G\e(B
+ \e$B;XDj$7$?$$$N$G$"$l$P!"$=$N%^%7%sL>$,;H$($^$9!#\e(B</p>
+
+ <example>
+ Reject host <var>host.example.com</var>
+ </example>
+
+ <p>\e$B$^$?!"FCDj$N%I%a%$%s$+$i$N%"%/%;%9A4$F$r%V%m%C%/$7$?$$>l9g$O!"\e(B
+ IP \e$B%"%I%l%9$N0lIt$d!"%I%a%$%sL>$,;XDj$G$-$^$9\e(B :</p>
+
+ <example>
+ <SatisfyAll><br />
+ <indent>
+ Reject ip <var>192.168.205</var><br />
+ Reject host <var>phishers.example.com</var> <var>moreidiots.example</var><br /> Reject host ke<br />
+ </indent>
+ </SatisfyAll>
+ </example>
+
+ <p><directive module="mod_authz_host">Reject</directive> \e$B%G%#%l%/%F%#%V$r\e(B
+ <directive module="mod_authz_core"><SatisfyAll></directive> \e$B%V%m%C%/$NCf$G;H$&$H!"\e(B
+ \e$B5v2D$7$?$$%0%k!<%W$K$N$_%"%/%;%9$,$G$-$k$h$&$K3NG'$G$-$^$9!#\e(B</p>
+
+ <p>\e$B>e5-$NNc$G$O\e(B <directive module="mod_authz_core"><SatisfyAll></directive>
+ \e$B$r;H$C$F!"%"%/%;%9$K9g3J$9$kA0CJ3,$G!"A4$F$N\e(B
+ <directive module="mod_authz_host">Reject</directive> \e$B%G%#%l%/%F%#%V$,\e(B
+ \e$BK~$?$5$l$F$$$k$3$H$r3NG'$7$F$$$^$9!#\e(B</p>
+
+ </section>
+
+ <section id="filesystem"><title>\e$B%"%/%;%9@)8f$N8eJ}8_49@-\e(B</title>
+ <p>\e$BG'>Z%W%m%P%$%@%Y!<%9$N5!9=$,$"$k$?$a!"0JA0;HMQ$5$l$F$$$?%G%#%l%/%F%#%V\e(B
+ <directive module="mod_access_compat">Order</directive>,
+ <directive module="mod_access_compat">Allow</directive>,
+ <directive module="mod_access_compat">Deny</directive>,
+ <directive module="mod_access_compat">Satisfy</directive>
+ \e$B$OI,MW$J$/$J$j$^$7$?!#\e(B
+ \e$B$H$O$$$&$b$N$N!"8E$$@_Dj%U%!%$%k$G$N8eJ}8_49@-$rDs6!$9$k$?$a!"\e(B
+ \e$B$3$l$i$N%G%#%l%/%F%#%V$O\e(B <module>mod_access_compat</module> \e$B%b%8%e!<%k$K0\$5$l$^$7$?!#\e(B</p>
+
+ <p>\e$B$3$l$i$N%G%#%l%/%F%#%V$NJz$($F$$$?LdBj$N$R$H$D$K!">5G'$N@_Dj9T$H%"%/%;%9@)8f$N@_Dj9T$N\e(B
+ \e$B4X78$,$H$F$b$"$$$^$$$@$C$?$3$H$,5s$2$i$l$^$9!#\e(B
+ <directive module="mod_access_compat">Satisfy</directive> \e$B%G%#%l%/%F%#%V$O\e(B
+ \e$B%j%/%(%9%H=hM}Cf$G$=$l<+?H$r8F$S=P$9$3$H$K$h$C$F!"$3$l$i$N\e(B 2 \e$B$D$N=hM}CJ3,$r7k$S$D$1$h$&$H$7$^$9!#\e(B
+ \e$B8=:_$O!"$3$l$i$N%G%#%l%/%F%#%V$O\e(B <module>mod_access_compat</module> \e$B$K0\F0$7!"\e(B
+ \e$B?7$7$$G'>Z%G%#%l%/%F%#%V$H8E$$%"%/%;%9@)8f%G%#%l%/%F%#%V$r:.$<$F;H$&$3$H$O\e(B
+ \e$BFq$7$/$J$C$F$$$^$9!#$3$NLdBj$N$?$a!"\e(B<module>mod_authz_default</module> \e$B%b%8%e!<%k$r\e(B
+ \e$B%m!<%I$9$k$3$H$,$H$F$b=EMW$G!"I,?\$K$J$C$F$$$^$9!#\e(B
+ <module>mod_authz_default</module>\e$B!!%b%8%e!<%k$N<g$JL\E*$O!"$I$N>5G'%W%m%P%$%@$G\e(B
+ \e$B=hM}$5$l$J$+$C$?>5G'%j%/%(%9%H$r<u$1$k$3$H$K$"$j$^$9!#\e(B
+ \e$B$7$+$7!"8E$$%"%/%;%9@)8f%G%#%l%/%F%#%V$,MQ$$$i$l$?>l9g$K$O!"\e(B
+ \e$B%"%/%;%9@)8f$H>5G'$r7k$S$D$1$F!"$9$Y$F$N=hM}CJ3,$N=PNO7k2L$r8+$F%"%/%;%9$K9g3J$9$k$+$r7h$a$F$$$^$9!#\e(B
+ \e$B$G$9$+$i!"8E$$%G%#%l%/%F%#%V$,$&$^$/F0:n$7$J$$>l9g$O!"\e(B
+ <module>mod_authz_default</module> \e$B$,%m!<%I$5$l$F$$$J$$$+$i$+$b$7$l$J$$!"\e(B
+ \e$B$H5?$C$F$_$F$/$@$5$$!#\e(B</p>
+
+ </section>
- <p><directive module="mod_authz_host">Allow</directive>
- \e$B%G%#%l%/%F%#%V$rC1=c$KNs5s$9$k$N$G$OK>$_$NF0:n$r$7$J$$$G$7$g$&!#\e(B
- \e$B$J$<$J$i!"A4$F$N?M$,F~$l$k$H$$$&$3$H$K2C$($F!"\e(B
- \e$B;XDj$7$?%[%9%H$+$i$N?M$,F~$l$k$h$&$K$9$k$+$i$G$9!#\e(B
- \e$B$d$j$?$$$3$H$O!";XDj$7$??M$?$A\e(B<em>\e$B$@$1\e(B</em>\e$B$,F~$l$k$h$&$K\e(B
- \e$B$9$k$3$H$G$9!#\e(B</p>
</section>
<section id="moreinformation"><title>\e$BDI2C>pJs\e(B</title>
<p>\e$B$3$l$iA4$F$,$I$N$h$&$KF0:n$9$k$+$K$D$$$F\e(B
\e$B$b$C$HB?$/$N>pJs$,=q$+$l$F$$$k\e(B <module>mod_auth_basic</module> \e$B$H\e(B
<module>mod_authz_host</module>
- \e$B$NJ8=q$bFI$`$H$h$$$G$7$g$&!#\e(B</p>
+ \e$B$NJ8=q$bFI$`$H$h$$$G$7$g$&!#\e(B
+ <directive module="mod_authn_core"><AuthnProviderAlias></directive>
+ \e$B%G%#%l%/%F%#%V$r;H$&$H!"FCDj$NG'>Z@_Dj$,4JC1$K=q$1$k$h$&$K$J$j$^$9!#\e(B</p>
+
+ <p><a href="access.html">\e$B%"%/%;%9@)8f\e(B</a>\e$B$NJ}K!$b!"\e(B
+ \e$B4XO"$9$k%H%T%C%/$,$?$/$5$s5-:\$5$l$F$$$^$9$N$G!"$4Mw$/$@$5$$!#\e(B</p>
+
</section>
</manualpage>
projects / apache / commitdiff