From: brian <brian@unknown>
Date: Thu, 21 Nov 1996 08:39:27 +0000 (+0000)
Subject: Added gunk from old "auth_dbm.html" describing some implementation
X-Git-Tag: mpm-3~6
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=7f251c41c694127f63a5bb697485dee8d1c469c4;p=apache

Added gunk from old "auth_dbm.html" describing some implementation
issues.  This so we can nuke auth_dbm.html, which really doesn't have
a home... also fixed some minor typos.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@76999 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/docs/manual/mod/mod_auth_db.html b/docs/manual/mod/mod_auth_db.html
index a1fe3033f7..8c4faffd65 100644
--- a/docs/manual/mod/mod_auth_db.html
+++ b/docs/manual/mod/mod_auth_db.html
@@ -12,7 +12,7 @@
 
 This module is contained in the <code>mod_auth_db.c</code> file, and
 is not compiled in by default. It provides for user authentication using
-Berkeley DB files. It is an alternative to <A HREF="../auth_dbm.html">DBM</A>
+Berkeley DB files. It is an alternative to <A HREF="mod_auth_dbm.html">DBM</A>
 files for those systems which support DB and not DBM. It is only
 available in Apache 1.1 and later.
 
@@ -43,7 +43,30 @@ be no whitespace within the value, and it must never contain any colons.<p>
 Security: make sure that the AuthDBGroupFile is stored outside the
 document tree of the webserver; do <em>not</em> put it in the directory that
 it protects. Otherwise, clients will be able to download the
-AuthDBGroupFile.<p>
+AuthDBGroupFile unless otherwise protected.<p>
+
+Combining Group and Password DB files: In some cases it is easier to
+manage a single database which contains both the password and group
+details for each user. This simplifies any support programs that need
+to be written: they now only have to deal with writing to and locking
+a single DBM file. This can be accomplished by first setting the group
+and password files to point to the same DB file:<p>
+
+<blockquote><code>
+AuthDBGroupFile /www/userbase<br>
+AuthDBUserFile /www/userbase
+</code></blockquote>
+
+The key for the single DB record is the username. The value consists of <p>
+
+<blockquote><code>
+Unix Crypted Password : List of Groups [ : (ignored) ]
+</code></blockquote>
+
+The password section contains the Unix crypt() password as before. This is
+followed by a colon and the comma separated list of groups. Other data may
+optionally be left in the DB file after another colon; it is ignored by the
+authentication module. <p>
 
 See also <A HREF="core.html#authname">AuthName</A>,
 <A HREF="core.html#authtype">AuthType</A> and
@@ -60,15 +83,25 @@ See also <A HREF="core.html#authname">AuthName</A>,
 The AuthDBUserFile directive sets the name of a DB file containing the list
 of users and passwords for user authentication. <em>Filename</em> is the
 absolute path to the user file.<p>
-The user file is keyed on the username. The value for a user is the crypt()
-encrypted password, optionally followed by a colon and arbitrary data.
-The colon and the data following it will be ignored by the server.<p>
+
+The user file is keyed on the username. The value for a user is the
+crypt() encrypted password, optionally followed by a colon and
+arbitrary data.  The colon and the data following it will be ignored
+by the server.<p>
 
 Security: make sure that the AuthDBUserFile is stored outside the
 document tree of the webserver; do <em>not</em> put it in the directory that
 it protects. Otherwise, clients will be able to download the
 AuthDBUserFile.<p>
 
+Important compatibility note: The implementation of "dbmopen" in the
+apache modules reads the string length of the hashed values from the
+DB data structures, rather than relying upon the string being
+NULL-appended. Some applications, such as the Netscape web server,
+rely upon the string being NULL-appended, so if you are having trouble
+using DB files interchangeably between applications this may be a
+part of the problem. <p>
+
 See also <A HREF="core.html#authname">AuthName</A>,
 <A HREF="core.html#authtype">AuthType</A> and
 <A HREF="#authdbgroupfile">AuthDBGroupFile</A>.<p>
diff --git a/docs/manual/mod/mod_auth_dbm.html b/docs/manual/mod/mod_auth_dbm.html
index 230d5e351d..e36fc12485 100644
--- a/docs/manual/mod/mod_auth_dbm.html
+++ b/docs/manual/mod/mod_auth_dbm.html
@@ -24,7 +24,7 @@ DBM files. See the <A HREF="auth_dbm.html">DBM user documentation</a>.
 
 <A name="authdbmgroupfile"><h2>AuthDbmGroupFile</h2></A>
 <!--%plaintext &lt;?INDEX {\tt AuthDbmGroupFile} directive&gt; -->
-<strong>Syntax:</strong> AuthGroupFile <em>filename</em><br>
+<strong>Syntax:</strong> AuthDBMGroupFile <em>filename</em><br>
 <Strong>Context:</strong> directory, .htaccess<br>
 <Strong>Override:</strong> AuthConfig<br>
 <strong>Status:</strong> Extension<br>
@@ -41,7 +41,31 @@ be no whitespace within the value, and it must never contain any colons.<p>
 Security: make sure that the AuthDBMGroupFile is stored outside the
 document tree of the webserver; do <em>not</em> put it in the directory that
 it protects. Otherwise, clients will be able to download the
-AuthDBMGroupFile.<p>
+AuthDBMGroupFile unless otherwise protected.<p>
+
+Combining Group and Password DBM files: In some cases it is easier to
+manage a single database which contains both the password and group
+details for each user. This simplifies any support programs that need
+to be written: they now only have to deal with writing to and locking
+a single DBM file. This can be accomplished by first setting the group
+and password files to point to the same DBM:<p>
+
+<blockquote><code>
+AuthDBMGroupFile /www/userbase<br>
+AuthDBMUserFile /www/userbase
+</code></blockquote>
+
+The key for the single DBM is the username. The value consists of <p>
+
+<blockquote><code>
+Unix Crypted Password : List of Groups [ : (ignored) ]
+</code></blockquote>
+
+The password section contains the Unix crypt() password as before. This is
+followed by a colon and the comma separated list of groups. Other data may
+optionally be left in the DBM file after another colon; it is ignored by the
+authentication module. This is what www.telescope.org uses for its combined
+password and group database. <p>
 
 See also <A HREF="core.html#authname">AuthName</A>,
 <A HREF="core.html#authtype">AuthType</A> and
@@ -58,15 +82,25 @@ See also <A HREF="core.html#authname">AuthName</A>,
 The AuthDBMUserFile directive sets the name of a DBM file containing the list
 of users and passwords for user authentication. <em>Filename</em> is the
 absolute path to the user file.<p>
-The user file is keyed on the username. The value for a user is the crypt()
-encrypted password, optionally followed by a colon and arbitrary data.
-The colon and the data following it will be ignored by the server.<p>
+
+The user file is keyed on the username. The value for a user is the
+crypt() encrypted password, optionally followed by a colon and
+arbitrary data.  The colon and the data following it will be ignored
+by the server.<p>
 
 Security: make sure that the AuthDBMUserFile is stored outside the
 document tree of the webserver; do <em>not</em> put it in the directory that
 it protects. Otherwise, clients will be able to download the
 AuthDBMUserFile.<p>
 
+Important compatibility note: The implementation of "dbmopen" in the
+apache modules reads the string length of the hashed values from the
+DBM data structures, rather than relying upon the string being
+NULL-appended. Some applications, such as the Netscape web server,
+rely upon the string being NULL-appended, so if you are having trouble
+using DBM files interchangeably between applications this may be a
+part of the problem. <p>
+
 See also <A HREF="core.html#authname">AuthName</A>,
 <A HREF="core.html#authtype">AuthType</A> and
 <A HREF="#authdbmgroupfile">AuthDBMGroupFile</A>.<p>