From: Bradley Nicholes
Date: Thu, 7 Feb 2008 16:45:11 +0000 (+0000)
Subject: Document the RequireAlias block directive
X-Git-Tag: 2.3.0~1004
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=108c5129b2970ee236a992ab4cca6ddb7c0c975c;p=apache
Document the RequireAlias block directive
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@619497 13f79535-47bb-0310-9956-ffa450edef68
---
diff --git a/docs/manual/mod/mod_authz_core.xml b/docs/manual/mod/mod_authz_core.xml
index d3644576b6..c32a416e47 100644
--- a/docs/manual/mod/mod_authz_core.xml
+++ b/docs/manual/mod/mod_authz_core.xml
@@ -41,6 +41,60 @@
authorization processing.
+Creating Authorization Provider Aliases
+
+ Extended authorization providers can be created within the configuration
+ file and assigned an alias name. The alias providers can then be referenced
+ through the Require directive
+ in the same way as a base authorization provider. Besides the ability to
+ create and alias an extended provider, it also allows the same extended
+ authorization provider to be reference by multiple locations.
+
+
+ Example
+ The example below creates two different ldap authorization provider
+ aliases based on the ldap-group authorization provider. This example
+ allows a single authorization location to check group membership within
+ multiple ldap hosts:
+
+
+ Example
+ <RequireAlias ldap-group ldap-group-alias1 cn=my-group,o=ctx>
+
+ AuthLDAPBindDN cn=youruser,o=ctx
+ AuthLDAPBindPassword yourpassword
+ AuthLDAPURL ldap://ldap.host/o=ctx
+
+ </RequireAlias>
+ <AuthnProviderAlias ldap-group ldap-group-alias2
+ cn=my-other-group,o=dev>
+
+ AuthLDAPBindDN cn=yourotheruser,o=dev
+ AuthLDAPBindPassword yourotherpassword
+ AuthLDAPURL ldap://other.ldap.host/o=dev?cn
+
+ </RequireAlias>
+
+ Alias /secure /webpages/secure
+ <Directory /webpages/secure>
+
+ Order deny,allow
+ Allow from all
+
+ AuthBasicProvider file
+
+ AuthType Basic
+ AuthName LDAP_Protected_Place
+
+ #implied OR operation
+ require alias1-ldap-group
+ require alias2-ldap-group
+ </Directory>
+
+
+
+
+
Require
Selects which authenticated users can access
@@ -248,4 +302,24 @@ the current <Directory> or <Location> block will apply.
+
+RequireAlias
+Enclose a group of directives that represent an
+extension of a base authorization provider and referenced by the specified
+alias
+<RequireAlias baseProvider Alias Require-Parameters>
+... </RequireAlias>
+
+server config
+
+
+
+ RequireAlias and
+ </RequireAlias>
are used to enclose a group of
+ authorization directives that can be referenced by the alias name using the
+ directive Require.
+
+
+
+