This module allows the use of HTTP Basic Authentication to restrict access by looking up users in the given providers. HTTP Digest Authentication is provided by mod_auth_digest.

Summary

This module implements HTTP Digest Authentication. However, it has not been extensively tested and is therefore marked experimental.

Description: -	Sets whether authorization and authentication are -passed to lower level modules
Syntax: -	`AuthBasicAuthoritative on\|off`
Default: -	`AuthBasicAuthoritative on`
Context: +	Sets whether authorization and authentication are passed to +lower level modules
Syntax: +	`AuthBasicAuthoritative On\|Off`
Default: +	`AuthBasicAuthoritative On`
Context:	directory, .htaccess
Override:	AuthConfig
Status:	Base
Module:	mod_auth_basic

Description:	Sets the authentication provider(s) for this location
Syntax: -	`AuthBasicProvider provider-name`
Context: -	directory, .htaccess
Override: -	AuthConfig
Status: +	`AuthBasicProvider On\|Off\|provider-name +[provider-name] ...`
Default: +	`AuthBasicProvider On`
Context: +	directory
Status:	Base
Module:	mod_auth_basic

Using Digest Authentication

Using MD5 Digest authentication is very simple. Simply set - up authentication normally, using "AuthType Digest" and - "AuthDigestFile" instead of the normal "AuthType Basic" and - "AuthUserFile"; also, replace any "AuthGroupFile" with - "AuthDigestGroupFile". Then add a "AuthDigestDomain" directive - containing at least the root URI(s) for this protection space. - Example:

+ up authentication normally, using AuthType Digest and + AuthDigestProvider + instead of the normal AuthType Basic and + AuthBasicProvider. + Then add a AuthDigestDomain directive containing at least the root + URI(s) for this protection space.

+

Appropriate user (text) files can be created using the + htdigest tool.


+
+    Example:

       <Location /private/>

       
         AuthType Digest

         AuthName "private area"

         AuthDigestDomain /private/ http://mirror.my.dom/private2/

-        AuthDigestFile /web/auth/.digest_pw

+	

+	AuthDigestProvider file

+        AuthUserFile /web/auth/.digest_pw

         Require valid-user

       
       </Location>
@@ -46,11 +51,11 @@
     
Note
 
     Digest authentication provides a more secure password system
     than Basic authentication, but only works with supporting
-    browsers. As of July 2002, the major browsers that support digest
+    browsers. As of November 2002, the major browsers that support digest
     authentication are Opera, MS Internet
-    Explorer (fails when used with a query string), Amaya and Mozilla.  Since digest
+    Explorer (fails when used with a query string), Amaya, Mozilla and Netscape since version 7. Since digest
     authentication is not as widely implemented as basic
-    authentication, you should use it only in controlled settings.
+    authentication, you should use it only in controlled environments.
     

 
AuthDigestAlgorithm Directive
Description: 
               Selects the algorithm used to calculate the challenge and
@@ -97,48 +102,6 @@ authentication
Syntax:
     which case clients (which understand this) will then share
     username/password info across multiple servers without
     prompting the user each time. 
-
AuthDigestFile Directive
Description: 
-              Location of the text file containing the list
-of users and encoded passwords for digest authentication
Syntax:
-              AuthDigestFile file-path
Context:
-              directory, .htaccess
Override:
-              AuthConfig
Status:
-              Experimental
Module:
-              mod_auth_digest
-    The AuthDigestFile directive sets the
-    name of a textual file containing the list of users and encoded
-    passwords for digest authentication. File-path is the
-    absolute path to the user file.
-
-    The digest file uses a special format. Files in this format
-    can be created using the htdigest utility found in
-    the support/ subdirectory of the Apache distribution.
-
AuthDigestGroupFile Directive
Description: 
-              Name of the text file containing the list of groups
-for digest authentication
Syntax:
-              AuthDigestGroupFile file-path
Context:
-              directory, .htaccess
Override:
-              AuthConfig
Status:
-              Experimental
Module:
-              mod_auth_digest
-    The AuthDigestGroupFile directive sets
-    the name of a textual file containing the list of groups and their
-    members (user names). File-path is the absolute path to
-    the group file.
-
-    Each line of the group file contains a groupname followed by
-    a colon, followed by the member usernames separated by spaces.
-    Example:
-
-    mygroup: bob joe anne
-
-    Note that searching large text files is very
-    inefficient.
-
-    Security: make sure that the AuthGroupFile is stored outside
-    the document tree of the web-server; do not put it in
-    the directory that it protects. Otherwise, clients will be able
-    to download the AuthGroupFile.
 
AuthDigestNcCheck Directive
Description: 
               Enables or disables checking of the nonce-count sent by the
 server
Syntax:
@@ -158,8 +121,8 @@ server
Syntax:
               AuthConfig
Status:
               Experimental
Module:
               mod_auth_digest
-    Not implemented yet. 
-    
+    Not implemented yet.
+    
 
AuthDigestNonceLifetime Directive
Description: 
               How long the server nonce is valid
Syntax:
               AuthDigestNonceLifetime seconds
Default: 
@@ -177,6 +140,26 @@ server
Syntax:
     seconds. If seconds is less than 0 then the nonce never
     expires. 
     
+
AuthDigestProvider Directive
Description: 
+              Sets the authentication provider(s) for this location
Syntax:
+              AuthDigestProvider On|Off|provider-name
+[provider-name] ...
Default: 
+              AuthBasicProvider On
Context:
+              directory
Status:
+              Experimental
Module:
+              mod_auth_digest
+    The AuthDigestProvider directive sets 
+    which provider is used to authenticate the users for this location.
+    Setting the value to On will choose the default provider
+    (file). Since the file provider is implemented
+    by the mod_authn_file module, you have to make sure,
+    that the module is present in the server.
+
+    See mod_authn_dbm and mod_authn_file
+    for providers.
+
+    The value Off clears the provider list and sets it back
+    to the default.
 
AuthDigestQop Directive
Description: 
               Determines the quality-of-protection to use in digest
 authentication
Syntax:
@@ -187,8 +170,8 @@ authentication
Syntax:
               Experimental
Module:
               mod_auth_digest
     The AuthDigestQop directive determines
-    the quality-of-protection to use. auth will only do
-    authentication (username/password); auth-int is
+    the quality-of-protection to use. auth will
+    only do authentication (username/password); auth-int is
     authentication plus integrity checking (an MD5 hash of the entity
     is also computed and checked); none will cause the module
     to use the old RFC-2069 digest algorithm (which does not include
@@ -200,4 +183,32 @@ authentication
Syntax:
     
       auth-int is not implemented yet.
     
+
AuthDigestShmemSize Directive
Description: 
+              The amount of shared memory to allocate for keeping track
+of clients
Syntax:
+              AuthDigestShmemSize size
Default: 
+              AuthDigestShmemSize 1000
Context:
+              server config
Status:
+              Experimental
Module:
+              mod_auth_digest
+    The AuthDigestShmemSize directive defines
+    the amount of shared memory, that will be allocated at the server
+    startup for keeping track of clients. Note that the shared memory
+    segment cannot be set less than the space that is neccessary for
+    tracking at least one client. This value is dependant on your
+    system. If you want to find out the exact value, you may simply
+    set AuthDigestShmemSize to the value of
+    0 and read the error message after trying to start the
+    server.
+
+    The size is normally expressed in Bytes, but you
+    may let the number follow a K or an M to
+    express your value as KBytes or MBytes. For example, the following
+    directives are all equivalent:
+
+    
+      AuthDigestShmemSize 1048576

+      AuthDigestShmemSize 1024K

+      AuthDigestShmemSize 1M

+    
 
Maintained by the Apache HTTP Server Documentation Project
Modules | Directives | FAQ | Glossary | Sitemap
\ No newline at end of file
diff --git a/docs/manual/mod/mod_authn_anon.html.en b/docs/manual/mod/mod_authn_anon.html.en
index 7eda7b88ba..f9bbacedad 100644
--- a/docs/manual/mod/mod_authn_anon.html.en
+++ b/docs/manual/mod/mod_authn_anon.html.en
@@ -11,8 +11,9 @@
                   authn_anon_module
Source File:
                   mod_authn_anon.c
Compatibility:
                   Available in Apache 2.1 and later
Summary
-    This module does access control in a manner similar to
-    anonymous-ftp sites; i.e. have a 'magic' user id
+    
This module provides authentication front-ends such as
+    mod_auth_basic to authenticate users similar
+    to anonymous-ftp sites, i.e. have a 'magic' user id
     'anonymous' and the email address as a password. These email
     addresses can be logged.
 
@@ -23,29 +24,30 @@
     tracking is that, unlike magic-cookies and funny URL
     pre/postfixes, it is completely browser independent and it
     allows users to share URLs.
+
+    When using mod_auth_basic, this module is invoked
+    via the AuthBasicProvider
+    directive with the anon value.
 
Directives
 Anonymous
- Anonymous_Authoritative
  Anonymous_LogEmail
  Anonymous_MustGiveEmail
  Anonymous_NoUserID
  Anonymous_VerifyEmail
-
Topics
 Example
Example
-
-    The example below (when combined with the Auth directives of a
-    htpasswd-file based (or GDM, mSQL etc.) base access
-    control system allows users in as 'guests' with the following
-    properties:
+Topics
 Example
Example
+    The example below is combined with "normal" htpasswd-file based
+    authentication and allows users in additionally as 'guests' with the
+    following properties:
 
     
       It insists that the user enters a userId.
-      (Anonymous_NoUserId)
+      (Anonymous_NoUserId)
 
       It insists that the user enters a password.
-      (Anonymous_MustGiveEmail)
+      (Anonymous_MustGiveEmail)
 
-      The password entered must be a valid email address, ie.
+      
The password entered must be a valid email address, i.e.
       contain at least one '@' and a '.'.
-      (Anonymous_VerifyEmail)
+      (Anonymous_VerifyEmail)
 
       The userID must be one of anonymous guest www test
       welcome and comparison is not case
@@ -53,38 +55,34 @@
 
       
And the Email addresses entered in the passwd field are
       logged to the error log file
-      (Anonymous_LogEmail)
+      (Anonymous_LogEmail)
     
 
-    Excerpt of httpd.conf:
-
-
-       Anonymous_NoUserId off

-       Anonymous_MustGiveEmail on

-       Anonymous_VerifyEmail on

-       Anonymous_LogEmail on

-       Anonymous anonymous guest www test welcome

-

-      AuthName "Use 'anonymous' & Email address for
-      guest entry"

-      AuthType basic

-

-       # An
-      AuthUserFile/AuthDBMUserFile

-       # directive must be specified, or use

-       # Anonymous_Authoritative for public access.

-       # In the .htaccess for the public directory, add:

-       <Files *>

-       Order Deny,Allow

-       Allow from all

-

-       Require valid-user

-       </Files>

-
+    Example

+      <Directory /foo>
+      
+        AuthName "Use 'anonymous' & Email address for guest entry"

+        AuthType Basic

+        AuthBasicProvider file anon

+        AuthUserFile /path/to/your/.htpasswd

+	

+        Anonymous_NoUserId off

+        Anonymous_MustGiveEmail on

+        Anonymous_VerifyEmail on

+        Anonymous_LogEmail on

+        Anonymous anonymous guest www test welcome

+        

+        Order Deny,Allow

+        Allow from all

+        

+        Require valid-user

+      
+      </Directory>
+    
 
Anonymous Directive
Description: 
               Specifies userIDs that areallowed access without
 password verification
Syntax:
-              Anonymous user [user] ...
Context:
+              Anonymous user [user] ...
Context:
               directory, .htaccess
Override:
               AuthConfig
Status:
               Extension
Module:
@@ -96,50 +94,33 @@ password verification
Synt
 
     Please note that the comparison is
     case-IN-sensitive.

-     I strongly suggest that the magic username
+    It's strongly recommended that the magic username
     'anonymous' is always one of the allowed
     userIDs.
 
-    Example:
-Anonymous anonymous "Not Registered" 'I don\'t know'
+    Example:

+      Anonymous anonymous "Not Registered" "I don't know"
+    
 
     This would allow the user to enter without password
-    verification by using the userId's 'anonymous',
-    'AnonyMous','Not Registered' and 'I Don't Know'.
-
Anonymous_Authoritative Directive
Description: 
-              Configures if authorization will fall-through
-to other methods
Syntax:
-              Anonymous_Authoritative on|off
Default: 
-              Anonymous_Authoritative off
Context:
-              directory, .htaccess
Override:
-              AuthConfig
Status:
-              Extension
Module:
-              mod_authn_anon
-    When set 'on', there is no fall-through to other authorization
-    methods. So if a userID does not match the values specified in the
-    Anonymous directive,
-    access is denied.
-
-    Be sure you know what you are doing when you decide to
-    switch it on. And remember that it is the linking order of the
-    modules (in the Configuration / Make file) which details the
-    order in which the Authorization modules are queried.
+    verification by using the userIDs "anonymous",
+    "AnonyMous", "Not Registered" and "I Don't Know".
 
Anonymous_LogEmail Directive
Description: 
               Sets whether the password entered will be logged in the
 error log
Syntax:
-              Anonymous_LogEmail on|off
Default: 
-              Anonymous_LogEmail on
Context:
+              Anonymous_LogEmail On|Off
Default: 
+              Anonymous_LogEmail On
Context:
               directory, .htaccess
Override:
               AuthConfig
Status:
               Extension
Module:
               mod_authn_anon
-    When set on, the default, the 'password' entered
+    
When set On, the default, the 'password' entered
     (which hopefully contains a sensible email address) is logged in
     the error log.
 
Anonymous_MustGiveEmail Directive
Description: 
               Specifies whether blank passwords are allowed
Syntax:
-              Anonymous_MustGiveEmail on|off
Default: 
-              Anonymous_MustGiveEmail on
Context:
+              Anonymous_MustGiveEmail On|Off
Default: 
+              Anonymous_MustGiveEmail On
Context:
               directory, .htaccess
Override:
               AuthConfig
Status:
               Extension
Module:
@@ -148,26 +129,26 @@ error log
Syntax:
     the password. This prohibits blank passwords.
 
Anonymous_NoUserID Directive
Description: 
               Sets whether the userID field may be empty
Syntax:
-              Anonymous_NoUserID on|off
Default: 
-              Anonymous_NoUserID off
Context:
+              Anonymous_NoUserID On|Off
Default: 
+              Anonymous_NoUserID Off
Context:
               directory, .htaccess
Override:
               AuthConfig
Status:
               Extension
Module:
               mod_authn_anon
-    When set on, users can leave the userID (and
+    
When set On, users can leave the userID (and
     perhaps the password field) empty. This can be very convenient for
     MS-Explorer users who can just hit return or click directly on the
     OK button; which seems a natural reaction.
 
Anonymous_VerifyEmail Directive
Description: 
               Sets whether to check the password field for a correctly
 formatted email address
Syntax:
-              Anonymous_VerifyEmail on|off
Default: 
-              Anonymous_VerifyEmail off
Context:
+              Anonymous_VerifyEmail On|Off
Default: 
+              Anonymous_VerifyEmail Off
Context:
               directory, .htaccess
Override:
               AuthConfig
Status:
               Extension
Module:
               mod_authn_anon
-    When set on the 'password' entered is checked for
+    
When set On the 'password' entered is checked for
     at least one '@' and a '.' to encourage users to enter valid email
-    addresses (see the above Auth_LogEmail).
+    addresses (see the above Anonymous_LogEmail).
 
Maintained by the Apache HTTP Server Documentation Project
Modules | Directives | FAQ | Glossary | Sitemap
\ No newline at end of file
diff --git a/docs/manual/mod/mod_authn_dbm.html.en b/docs/manual/mod/mod_authn_dbm.html.en
index 2403487147..7242c5aa80 100644
--- a/docs/manual/mod/mod_authn_dbm.html.en
+++ b/docs/manual/mod/mod_authn_dbm.html.en
@@ -12,14 +12,15 @@
                   Available in Apache 2.1 and later
Summary
     This module provides authentication front-ends such as
     mod_auth_digest and mod_auth_basic
-    to authenticate users by looking up users in plain text password files.
-    Similar functionality is provided by mod_authn_file.
+    to authenticate users by looking up users in dbm password
+    files. Similar functionality is provided by
+    mod_authn_file.
 
     When using mod_auth_basic or
     mod_auth_digest, this module is invoked via the
     AuthBasicProvider or
     AuthDigestProvider
-    with the 'dbm' value.
+    with the dbm value.
 
Directives
 AuthDBMType
  AuthDBMUserFile
 
See also
AuthName
AuthType

@@ -34,27 +35,25 @@ store passwords
Syntax:
               directory, .htaccess
Override:
               AuthConfig
Status:
               Extension
Module:
-              mod_authn_dbm
Compatibility:
-              Available in version 2.0.30 and later.
-
-Sets the type of database file that is used to store the passwords.
-The default database type is determined at compile time.  The
-availability of other types of database files also depends on
-compile-time settings.
+              mod_authn_dbm

+    Sets the type of database file that is used to store the passwords.
+    The default database type is determined at compile time.  The
+    availability of other types of database files also depends on
+    compile-time settings.
 
-It is crucial that whatever program you use to create your password
-files is configured to use the same type of database.
+    It is crucial that whatever program you use to create your password
+    files is configured to use the same type of database.
 
AuthDBMUserFile Directive
Description: 
               Sets the name of a database file containing the list of users and
 passwords for authentication
Syntax:
-              AuthDBMUserFile file-path
Context:
+              AuthDBMUserFile file-path
Context:
               directory, .htaccess
Override:
               AuthConfig
Status:
               Extension
Module:
               mod_authn_dbm

     The AuthDBMUserFile directive sets the
     name of a DBM file containing the list of users and passwords for
-    user authentication. File-path is the absolute path to
+    user authentication. File-path is the absolute path to
     the user file.
 
     The user file is keyed on the username. The value for a user is
@@ -69,8 +68,8 @@ passwords for authenticationAuthDBMUserFile.

 
     Important compatibility note: The implementation of
-    "dbmopen" in the apache modules reads the string length of the
-    hashed values from the DBM data structures, rather than relying
+    dbmopen in the apache modules reads the string length of
+    the hashed values from the DBM data structures, rather than relying
     upon the string being NULL-appended. Some applications, such as
     the Netscape web server, rely upon the string being
     NULL-appended, so if you are having trouble using DBM files
diff --git a/docs/manual/mod/mod_authn_default.html.en b/docs/manual/mod/mod_authn_default.html.en
new file mode 100644
index 0000000000..71338ecc51
--- /dev/null
+++ b/docs/manual/mod/mod_authn_default.html.en
@@ -0,0 +1,39 @@
+
+
+mod_authn_default - Apache HTTP ServerModules | Directives | FAQ | Glossary | Sitemap
Apache HTTP Server Version 2.1
Apache > HTTP Server > Documentation > Version 2.1 > Modules
Apache Module mod_authn_default
Description:
+                  Authentication fallback module
Status:
+                  Base
Module Identifier:
+                  authn_default_module
Source File:
+                  mod_authn_default.c
Compatibility:
+                  Available in Apache 2.1 and later
Summary
+    This module is designed to be the fallback module, if you don't
+    have configured an authentication module like
+    mod_auth_basic. It simply rejects any
+    credentials supplied by the user.
+
Directives
 AuthDefaultAuthoritative
+
AuthDefaultAuthoritative Directive
Description: 
+              Sets whether authentication is passed to lower level
+modules
Syntax:
+              AuthDefaultAuthoritative On|Off
Default: 
+              AuthDefaultAuthoritative On
Context:
+              directory, .htaccess
Override:
+              AuthConfig
Status:
+              Base
Module:
+              mod_authn_default
+    Setting the AuthDefaultAuthoritative directive
+    explicitly to Off allows for authentication to be passed on
+    to lower level modules (as defined in the modules.c
+    files).
+
+    Note
+      Normally there are no lower level modules, since
+      mod_authn_default is defined to be already on
+      a very low level. Therefore you should leave the value of
+      AuthDefaultAuthoritative as default
+      (On).
+    
+
Maintained by the Apache HTTP Server Documentation Project
Modules | Directives | FAQ | Glossary | Sitemap
\ No newline at end of file
diff --git a/docs/manual/mod/mod_authn_file.html.en b/docs/manual/mod/mod_authn_file.html.en
index 2545080be4..41da1a920e 100644
--- a/docs/manual/mod/mod_authn_file.html.en
+++ b/docs/manual/mod/mod_authn_file.html.en
@@ -10,7 +10,6 @@
                   authn_file_moduleSource File:
                   mod_authn_file.cCompatibility:
                   Available in Apache 2.1 and laterSummary
-
     This module provides authentication front-ends such as
     mod_auth_digest and mod_auth_basic
     to authenticate users by looking up users in plain text password files.
@@ -20,53 +19,67 @@
     mod_auth_digest, this module is invoked via the
     AuthBasicProvider or
     AuthDigestProvider
-    with the 'file' value.
-
+    with the file value.
 
Directives
 AuthUserFile
-
See also
AuthName
AuthType

+
See also

   AuthBasicProvider
 

   AuthDigestProvider
-
AuthUserFile Directive
Description: 
+htpasswd
htdigest
AuthUserFile Directive
Description: 
               Sets the name of a text file containing the list of users and
 passwords for authentication
Syntax:
-              AuthUserFile file-path
Context:
+              AuthUserFile file-path
Context:
               directory, .htaccess
Override:
               AuthConfig
Status:
               Base
Module:
               mod_authn_file
     The AuthUserFile directive sets the name
     of a textual file containing the list of users and passwords for
-    user authentication. File-path is the path to the user
-    file. If it is not absolute (i.e., if it doesn't begin
-    with a slash), it is treated as relative to the ServerRoot.
+    user authentication. File-path is the path to the user
+    file. If it is not absolute, it is treated as relative to the
+    ServerRoot.
 
     Each line of the user file contains a username followed by
-    a colon, followed by the crypt() encrypted
-    password. The behavior of multiple occurrences of the same user is
-    undefined.
+    a colon, followed by the encrypted password. If the same user
+    ID is defined multiple times, mod_authn_file will
+    use the first occurrence to verify the password.
 
     The utility htpasswd
     which is installed as part of the binary distribution, or which
     can be found in src/support, is used to maintain
-    this password file. See the man page for more
-    details. In short:
+    the password file for HTTP Basic Authentication. See the
+    man page for more details.
+    In short:
+
+    Create a password file Filename with
+    username as the initial ID. It will prompt for
+    the password:
 
-    Create a password file 'Filename' with 'username' as the
-    initial ID. It will prompt for the password:
-    htpasswd -c Filename username
+    
+      htpasswd -c Filename username
+    
 
-    Add or modify 'username2' in the password file 'Filename':
-    htpasswd Filename username2
+    Add or modify username2 in the password file
+    Filename:
+
+    
+      htpasswd Filename username2
+    
 
     Note that searching large text files is very
     inefficient; AuthDBMUserFile should be used
     instead.
 
-    Security
-    Make sure that the AuthUserFile is
-	stored outside the document tree of the web-server; do not
-	put it in the directory that it protects. Otherwise, clients will
-	be able to download the AuthUserFile.
+    If you are using HTTP Digest Authentication, the htpasswd tool is not sufficient.
+    You have to use htdigest
+    instead. Note that you cannot mix user data for Digest Authentication
+    and Basic Authentication within the same file.
+
+    Security
+      Make sure that the AuthUserFile is
+      stored outside the document tree of the web-server. Do
+      not put it in the directory that it protects.
+      Otherwise, clients may be able to download the
+      AuthUserFile.
     
 
Maintained by the Apache HTTP Server Documentation Project
Modules | Directives | FAQ | Glossary | Sitemap
\ No newline at end of file
diff --git a/docs/manual/mod/mod_authz_dbm.html.en b/docs/manual/mod/mod_authz_dbm.html.en
index b3f598cc1a..224a8d03a1 100644
--- a/docs/manual/mod/mod_authz_dbm.html.en
+++ b/docs/manual/mod/mod_authz_dbm.html.en
@@ -20,14 +20,14 @@
 See also
Require
Satisfy
AuthDBMGroupFile Directive
Description: 
               Sets the name of the database file containing the list
 of user groups for authentication
Syntax:
-              AuthDBMGroupFile file-path
Context:
+              AuthDBMGroupFile file-path
Context:
               directory, .htaccess
Override:
               AuthConfig
Status:
               Extension
Module:
               mod_authz_dbm
     The AuthDBMGroupFile directive sets the
     name of a DBM file containing the list of user groups for user
-    authentication.  File-path is the absolute path to the
+    authentication.  File-path is the absolute path to the
     group file.
 
     The group file is keyed on the username. The value for a
@@ -35,12 +35,14 @@ of user groups for authentication
AuthDBMGroupFile is stored outside the
-    document tree of the web-server; do not put it in the
-    directory that it protects. Otherwise, clients will be able to
-    download the AuthDBMGroupFile unless
-    otherwise protected.
+    Security
+      Make sure that the AuthDBMGroupFile is
+      stored outside the document tree of the web-server. Do
+      not put it in the directory that it protects.
+      Otherwise, clients will be able to download the
+      AuthDBMGroupFile unless otherwise
+      protected.
+    
 
     Combining Group and Password DBM files: In some cases it is
     easier to manage a single database which contains both the
@@ -50,41 +52,40 @@ of user groups for authentication

-AuthDBMGroupFile /www/userbase

-AuthDBMUserFile /www/userbase
-
+    
+      AuthDBMGroupFile /www/userbase

+      AuthDBMUserFile /www/userbase
+    
 
     The key for the single DBM is the username. The value consists
     of
 
-Unix Crypt-ed Password : List of Groups [ : (ignored)
-      ]
+    
+      Encrypted Password : List of Groups [ : (ignored) ]
+    
 
-    The password section contains the Unix crypt()
+    
The password section contains the encrypted
     password as before. This is followed by a colon and the comma
     separated list of groups. Other data may optionally be left in the
     DBM file after another colon; it is ignored by the authentication
     module. This is what www.telescope.org uses for its combined
     password and group database.
 
AuthzDBMAuthoritative Directive
Description: 
-              Sets whether authorization will be passed on to lower level modules
Syntax:
-              AuthzDBMAuthoritative on|off
Default: 
-              AuthzDBMAuthoritative on
Context:
+              Sets whether authorization will be passed on to lower level
+modules
Syntax:
+              AuthzDBMAuthoritative On|Off
Default: 
+              AuthzDBMAuthoritative On
Context:
               directory, .htaccess
Override:
               AuthConfig
Status:
               Extension
Module:
               mod_authz_dbm
-
     Setting the AuthzDBMAuthoritative
-    directive explicitly to 'off' allows for both
-    authentication and authorization to be passed on to lower level
-    modules (as defined in the Configuration and
-    modules.c file if there is no userID
-    or rule matching the supplied userID. If there is
-    a userID and/or rule specified; the usual password and access
-    checks will be applied and a failure will give an Authorization
-    Required reply.
+    directive explicitly to Off allows group authorization
+    to be passed on to lower level modules (as defined in the
+    modules.c file) if there is no group found
+    for the the supplied userID. If there are any groups
+    specified, the usual checks will be applied and a failure will
+    give an Authentication Required reply.
 
     So if a userID appears in the database of more than one module;
     or if a valid Require
@@ -93,21 +94,24 @@ AuthDBMUserFile /www/userbase
     regardless of the AuthAuthoritative setting.
 
     A common use for this is in conjunction with one of the
-    auth providers; such as mod_authn_file. Whereas this
-    DBM module supplies the bulk of the user credential checking; a
-    few (administrator) related accesses fall through to a lower
-    level with a well protected .htpasswd file.
+    auth providers; such as mod_authn_dbm or
+    mod_authn_file. Whereas this DBM module supplies
+    the bulk of the user credential checking; a few (administrator) related
+    accesses fall through to a lower level with a well protected
+    .htpasswd file.
 
-    By default, control is not passed on and an unknown userID
-    or rule will result in an Authorization Required reply. Not
+    
By default, control is not passed on and an unknown group
+    will result in an Authentication Required reply. Not
     setting it thus keeps the system secure and forces an NCSA
     compliant behaviour.
 
-    Security: Do consider the implications of allowing a user to
-    allow fall-through in his .htaccess file; and verify that this
-    is really what you want; Generally it is easier to just secure
-    a single .htpasswd file, than it is to secure a database which
-    might have more access interfaces.
+    Security
+      Do consider the implications of allowing a user to
+      allow fall-through in his .htaccess file; and verify that this
+      is really what you want; Generally it is easier to just secure
+      a single .htpasswd file, than it is to secure a
+      database which might have more access interfaces.
+    
 
AuthzDBMType Directive
Description: 
               Sets the type of database file that is used to
 store passwords
Syntax:
@@ -116,14 +120,12 @@ store passwords
Syntax:
               directory, .htaccess
Override:
               AuthConfig
Status:
               Extension
Module:
-              mod_authz_dbm
Compatibility:
-              Available in version 2.0.30 and later.
-
-Sets the type of database file that is used to store the passwords.
-The default database type is determined at compile time.  The
-availability of other types of database files also depends on
-compile-time settings.
+              mod_authz_dbm
+    Sets the type of database file that is used to store the passwords.
+    The default database type is determined at compile time.  The
+    availability of other types of database files also depends on
+    compile-time settings.
 
-It is crucial that whatever program you use to create your password
-files is configured to use the same type of database.
+    It is crucial that whatever program you use to create your password
+    files is configured to use the same type of database.

Description:	Sets the name of a database file containing the list of users and passwords for authentication
Syntax: -	`AuthDBMUserFile file-path`
Context: +	`AuthDBMUserFile file-path`
Context:	directory, .htaccess
Override:	AuthConfig
Status:	Extension
Module:	mod_authn_dbm

Description: +	Authentication fallback module
Status: +	Base
Module Identifier: +	authn_default_module
Source File: +	mod_authn_default.c
Compatibility: +	Available in Apache 2.1 and later

Description: +	Sets whether authentication is passed to lower level +modules
Syntax: +	`AuthDefaultAuthoritative On\|Off`
Default: +	`AuthDefaultAuthoritative On`
Context: +	directory, .htaccess
Override: +	AuthConfig
Status: +	Base
Module: +	mod_authn_default


\ No newline at end of file
diff --git a/docs/manual/mod/mod_authz_default.html.en b/docs/manual/mod/mod_authz_default.html.en
new file mode 100644
index 0000000000..02b00a80ad
--- /dev/null
+++ b/docs/manual/mod/mod_authz_default.html.en
@@ -0,0 +1,39 @@
+
+
+mod_authz_default - Apache HTTP ServerModules | Directives | FAQ | Glossary | Sitemap
Apache HTTP Server Version 2.1
Apache > HTTP Server > Documentation > Version 2.1 > Modules
Apache Module mod_authz_default
Description:
+                  Authorization fallback module
Status:
+                  Base
Module Identifier:
+                  authz_default_module
Source File:
+                  mod_authz_default.c
Compatibility:
+                  Available in Apache 2.1 and later
Summary
+    This module is designed to be the fallback module, if you don't
+    have configured an authorization module like
+    mod_authz_user or mod_authz_groupfile.
+    It simply rejects any authorization request.
+
Directives
 AuthzDefaultAuthoritative
+
AuthzDefaultAuthoritative Directive
Description: 
+              Sets whether authorization is passed to lower level
+modules
Syntax:
+              AuthzDefaultAuthoritative On|Off
Default: 
+              AuthzDefaultAuthoritative On
Context:
+              directory, .htaccess
Override:
+              AuthConfig
Status:
+              Base
Module:
+              mod_authz_default
+    Setting the AuthzDefaultAuthoritative directive
+    explicitly to Off allows for authorization to be passed on
+    to lower level modules (as defined in the modules.c
+    files).
+
+    Note
+      Normally there are no lower level modules, since
+      mod_authz_default is defined to be already on
+      a very low level. Therefore you should leave the value of
+      AuthzDefaultAuthoritative as default
+      (On).
+    
+
Maintained by the Apache HTTP Server Documentation Project
Modules | Directives | FAQ | Glossary | Sitemap
\ No newline at end of file
diff --git a/docs/manual/mod/mod_authz_groupfile.html.en b/docs/manual/mod/mod_authz_groupfile.html.en
index ea7ab5d92c..eb3e4a8dde 100644
--- a/docs/manual/mod/mod_authz_groupfile.html.en
+++ b/docs/manual/mod/mod_authz_groupfile.html.en
@@ -6,78 +6,70 @@
         XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
       -->mod_authz_groupfile - Apache HTTP ServerModules | Directives | FAQ | Glossary | Sitemap
Apache HTTP Server Version 2.1
Apache > HTTP Server > Documentation > Version 2.1 > Modules
Apache Module mod_authz_groupfile
Description:
                   Group authorization using plaintext files
Status:
-                  Extension
Module Identifier:
+                  Base
Module Identifier:
                   authz_groupfile_module
Source File:
                   mod_authz_groupfile.c
Compatibility:
                   Available in Apache 2.1 and later
Summary
     This module provides authorization capabilities so that
-       authenticated users can be allowed or denied access to portions
-       of the web site by group membership. Similar functionality is
-       provided by mod_authz_dbm.
+    authenticated users can be allowed or denied access to portions
+    of the web site by group membership. Similar functionality is
+    provided by mod_authz_dbm.
 
Directives
 AuthGroupFile
  AuthzGroupFileAuthoritative
 
See also
Require
Satisfy
AuthGroupFile Directive
Description: 
               Sets the name of a text file containing the list
 of user groups for authentication
Syntax:
-              AuthGroupFile file-path
Context:
+              AuthGroupFile file-path
Context:
               directory, .htaccess
Override:
               AuthConfig
Status:
-              Extension
Module:
+              Base
Module:
               mod_authz_groupfile
     The AuthGroupFile directive sets the
     name of a textual file containing the list of user groups for user
-    authentication.  File-path is the path to the group
-    file. If it is not absolute (i.e., if it doesn't begin
-    with a slash), it is treated as relative to the ServerRoot.
+    authentication. File-path is the path to the group
+    file. If it is not absolute, it is treated as relative to the ServerRoot.
 
     Each line of the group file contains a groupname followed by a
-    colon, followed by the member usernames separated by spaces.
-    Example: 
+    colon, followed by the member usernames separated by spaces.
 
-    mygroup: bob joe anne 
+    Example:

+      mygroup: bob joe anne
+     
 
     Note that searching large text files is very
-    inefficient; AuthDBMGroupFile should be used
-    instead.
+    inefficient; AuthDBMGroupFile provides a much better performance.
 
-    Security
-    Make sure that the AuthGroupFile is
-	stored outside the document tree of the web-server; do not
-	put it in the directory that it protects. Otherwise, clients will
-	be able to download the AuthGroupFile.
+    Security
+      Make sure that the AuthGroupFile is
+      stored outside the document tree of the web-server; do not
+      put it in the directory that it protects. Otherwise, clients may
+      be able to download the AuthGroupFile.
     
 
AuthzGroupFileAuthoritative Directive
Description: 
-              Sets whether authorization will be passed on to lower level modules
Syntax:
-              AuthzGroupFileAuthoritative on|off
Default: 
-              AuthzGroupFileAuthoritative on
Context:
+              Sets whether authorization will be passed on to lower level
+modules
Syntax:
+              AuthzGroupFileAuthoritative On|Off
Default: 
+              AuthzGroupFileAuthoritative On
Context:
               directory, .htaccess
Override:
               AuthConfig
Status:
-              Extension
Module:
+              Base
Module:
               mod_authz_groupfile
-
     Setting the AuthzGroupFileAuthoritative
-    directive explicitly to 'off' allows for
-    authorization to be passed on to lower level modules (as defined in
-    the Configuration and modules.c file if
-    there is no userID or rule matching
-    the supplied userID. If there is a userID and/or rule specified; the
-    usual password and access checks will be applied and a failure will
-    give an Authorization Required reply.
-
-    So if a valid Require
-    directive applies to more than one module; then the first module
-    will verify the credentials; and no access is passed on;
-    regardless of the AuthzGroupFileAuthoritative
-    setting.
+    directive explicitly to Off allows for
+    group authorization to be passed on to lower level modules (as defined
+    in the modules.c files) if there is no
+    group matching the supplied userID.
 
-    By default, control is not passed on and an unknown userID
-    or rule will result in an Authorization Required reply. Not
+    
By default, control is not passed on and an unknown group
+    will result in an Authentication Required reply. Not
     setting it thus keeps the system secure and forces an NCSA
     compliant behaviour.
 
-    Security: Do consider the implications of allowing a user to
-    allow fall-through in his .htaccess file; and verify that this
-    is really what you want; Generally it is easier to just secure
-    a single .htpasswd file, than it is to secure a database which
-    might have more access interfaces.
+    Security
+      Do consider the implications of allowing a user to
+      allow fall-through in his .htaccess file; and verify
+      that this is really what you want; Generally it is easier to just
+      secure a single .htpasswd file, than it is to secure
+      a database which might have more access interfaces.
+    
 
Maintained by the Apache HTTP Server Documentation Project
Modules | Directives | FAQ | Glossary | Sitemap
\ No newline at end of file
diff --git a/docs/manual/mod/mod_authz_host.html.en b/docs/manual/mod/mod_authz_host.html.en
index 641a443be6..aafe0ef77e 100644
--- a/docs/manual/mod/mod_authz_host.html.en
+++ b/docs/manual/mod/mod_authz_host.html.en
@@ -42,14 +42,12 @@ address)Status:
 See alsoSatisfy
Require

Description: +	Authorization fallback module
Status: +	Base
Module Identifier: +	authz_default_module
Source File: +	mod_authz_default.c
Compatibility: +	Available in Apache 2.1 and later

Description: +	Sets whether authorization is passed to lower level +modules
Syntax: +	`AuthzDefaultAuthoritative On\|Off`
Default: +	`AuthzDefaultAuthoritative On`
Context: +	directory, .htaccess
Override: +	AuthConfig
Status: +	Base
Module: +	mod_authz_default

Description:	Group authorization using plaintext files
Status: -	Extension
Module Identifier: +	Base
Module Identifier:	authz_groupfile_module
Source File:	mod_authz_groupfile.c
Compatibility:	Available in Apache 2.1 and later

Description:	Sets the name of a text file containing the list of user groups for authentication
Syntax: -	`AuthGroupFile file-path`
Context: +	`AuthGroupFile file-path`
Context:	directory, .htaccess
Override:	AuthConfig
Status: -	Extension
Module: +	Base
Module:	mod_authz_groupfile

Description: -	Sets whether authorization will be passed on to lower level modules
Syntax: -	`AuthzGroupFileAuthoritative on\|off`
Default: -	`AuthzGroupFileAuthoritative on`
Context: +	Sets whether authorization will be passed on to lower level +modules
Syntax: +	`AuthzGroupFileAuthoritative On\|Off`
Default: +	`AuthzGroupFileAuthoritative On`
Context:	directory, .htaccess
Override:	AuthConfig
Status: -	Extension
Module: +	Base
Module:	mod_authz_groupfile

Allow Directive
Description: 
               Controls which hosts can access an area of the
 server
Syntax:
-               Allow from
-    all|host|env=env-variable
-    [host|env=env-variable] ...
Context:
+               Allow from all|host|env=env-variable
+[host|env=env-variable] ...
Context:
               directory, .htaccess
Override:
               Limit
Status:
               Base
Module:
               mod_authz_host
-
     The Allow directive affects which hosts can
     access an area of the server. Access can be controlled by
     hostname, IP Address, IP Address range, or by other
@@ -68,38 +66,52 @@ serverSyntax:
     

       A (partial) domain-name
 
-      Example: Allow from apache.org

-       Hosts whose names match, or end in, this string are allowed
+      
+      Example:

+        Allow from apache.org
+      
+      Hosts whose names match, or end in, this string are allowed
       access. Only complete components are matched, so the above
       example will match foo.apache.org but it will
       not match fooapache.org. This configuration will
       cause the server to perform a reverse DNS lookup on the
       client IP address, regardless of the setting of the HostnameLookups
-      directive.
+      directive.
 
       A full IP address
 
-      Example: Allow from 10.1.2.3

-       An IP address of a host allowed access
+      
+      Example:

+        Allow from 10.1.2.3
+      
+      An IP address of a host allowed access
 
       A partial IP address
 
-      Example: Allow from 10.1

-       The first 1 to 3 bytes of an IP address, for subnet
-      restriction.
+      
+      Example:

+        Allow from 10.1
+      
+      The first 1 to 3 bytes of an IP address, for subnet
+      restriction.
 
       A network/netmask pair
 
-      Example: Allow from
-      10.1.0.0/255.255.0.0

-       A network a.b.c.d, and a netmask w.x.y.z. For more
-      fine-grained subnet restriction.
+      
+      Example:

+        Allow from 10.1.0.0/255.255.0.0
+      
+      A network a.b.c.d, and a netmask w.x.y.z. For more
+      fine-grained subnet restriction.
 
       A network/nnn CIDR specification
 
-      Example: Allow from 10.1.0.0/16

-       Similar to the previous case, except the netmask consists of
-      nnn high-order 1 bits.
+      
+      Example:

+        Allow from 10.1.0.0/16
+      
+      Similar to the previous case, except the netmask consists of
+      nnn high-order 1 bits.
     
 
     Note that the last three examples above match exactly the
@@ -116,25 +128,26 @@ serverSyntax:

The third format of the arguments to the Allow directive allows access to the server to be controlled based on the existence of an environment variable. When Allow from - env=env-variable is specified, then the request is - allowed access if the environment variable env-variable + env=env-variable is specified, then the request is + allowed access if the environment variable env-variable exists. The server provides the ability to set environment variables in a flexible way based on characteristics of the client request using the directives provided by - mod_setenvif. Therefore, this directive can be + mod_setenvif. Therefore, this directive can be used to allow access based on such factors as the clients User-Agent (browser type), Referer, or other HTTP request header fields.

Example:

- -SetEnvIf User-Agent ^KnockKnock/2.0 let_me_in -<Directory /docroot> - Order Deny,Allow - Deny from all - Allow from env=let_me_in -</Directory> -

Example:

+ SetEnvIf User-Agent ^KnockKnock/2.0 let_me_in + <Directory /docroot> + + Order Deny,Allow + Deny from all + Allow from env=let_me_in + + </Directory> +

In this case, browsers with a user-agent string beginning with KnockKnock/2.0 will be allowed access, and all @@ -142,9 +155,8 @@ SetEnvIf User-Agent ^KnockKnock/2.0 let_me_in

Description:	Controls which hosts can access an area of the server
Syntax: -	`Allow from - all\|host\|env=env-variable - [host\|env=env-variable] ...`
Context: +	`Allow from all\|host\|env=env-variable +[host\|env=env-variable] ...`
Context:	directory, .htaccess
Override:	Limit
Status:	Base
Module:	mod_authz_host

Deny Directive

Module: @@ -157,28 +169,27 @@ server
Description:	Controls which hosts are denied access to the server
Syntax: -	`Deny from - all\|host\|env=env-variable - [host\|env=env-variable] ...`
Context: +	`Deny from all\|host\|env=env-variable +[host\|env=env-variable] ...`
Context:	directory, .htaccess
Override:	Limit
Status:	Base
Syntax:	Controls the default access state and the order in which Allow and Deny are evaluated.
Syntax: -	`Order ordering`
Default: +	`Order ordering`
Default:	`Order Deny,Allow`
Context:	directory, .htaccess
Override:	Limit
Status:	Base
Module:	mod_authz_host

The Order directive controls the default access state and the order in which Allow and Deny directives are evaluated. - Ordering is one of

+ Ordering is one of

Deny,Allow
Deny,Allow: The Deny directives are evaluated before the Allow directives. Access is - allowed by default. Any client which does not match a + allowed by default. Any client which does not match a Deny directive or does match an Allow directive will be allowed access to the server.
Allow,Deny
Allow,Deny: The Allow directives are evaluated before the Deny directives. Access is denied @@ -186,7 +197,7 @@ evaluated.Syntax: Deny directive will be denied access to the server.
Mutual-failure
Mutual-failure: Only those hosts which appear on the Allow list and do not appear on the Deny list are @@ -195,17 +206,17 @@ evaluated.Syntax: configuration.

Keywords may only be separated by a comma; no whitespace is +

Keywords may only be separated by a comma; no whitespace is allowed between them. Note that in all cases every Allow and Deny statement is evaluated.

In the following example, all hosts in the apache.org domain are allowed access; all other hosts are denied access.

+

Order Deny,Allow Deny from all - Allow from apache.org -


+      Allow from apache.org
+

In the next example, all hosts in the apache.org domain are allowed access, except for the hosts which are in the @@ -213,11 +224,11 @@ evaluated.Syntax: in the apache.org domain are denied access because the default state is to deny access to the server.

- Order Allow,Deny - Allow from apache.org - Deny from foo.apache.org -

+ Order Allow,Deny + Allow from apache.org + Deny from foo.apache.org +

On the other hand, if the Order in the last example is changed to Deny,Allow, all hosts will @@ -232,13 +243,15 @@ evaluated.Syntax:

The presence of an Order directive can affect access to a part of the server even in the absence of accompanying Allow and Deny directives because of its effect - on the default access state. For example,

+ on the default access state. For example,

+

<Directory /www> - Order Allow,Deny + + Order Allow,Deny + </Directory> -

will deny all access to the /www directory because the default access state will be set to diff --git a/docs/manual/mod/mod_authz_user.html.en b/docs/manual/mod/mod_authz_user.html.en new file mode 100644 index 0000000000..20b2865bbd --- /dev/null +++ b/docs/manual/mod/mod_authz_user.html.en @@ -0,0 +1,39 @@ + + +mod_authz_user - Apache HTTP Server

Apache > HTTP Server > Documentation > Version 2.1 > Modules

Apache Module mod_authz_user

Description: +	User Authorization
Status: +	Base
Module Identifier: +	authz_user_module
Source File: +	mod_authz_user.c
Compatibility: +	Available in Apache 2.1 and later

Summary

This module provides authorization capabilities so that + authenticated users can be allowed or denied access to portions + of the web site. mod_authz_user grants + access if the authenticated user is listed in a Require user + directive. Alternatively require valid-user can be used to + grant access to all successfully authenticated users.

Directives

AuthzUserAuthoritative

AuthzUserAuthoritative Directive

Description: +	Sets whether authorization will be passed on to lower level +modules
Syntax: +	`AuthzUserAuthoritative On\|Off`
Default: +	`AuthzUserAuthoritative On`
Context: +	directory, .htaccess
Override: +	AuthConfig
Status: +	Base
Module: +	mod_authz_user

Setting the AuthzUserAuthoritative + directive explicitly to Off allows for + user authorization to be passed on to lower level modules (as defined + in the modules.c files) if there is no + user matching the supplied userID.

+ +

By default, control is not passed on and an unknown user + will result in an Authentication Required reply. Not + setting it to Off thus keeps the system secure and forces + an NCSA compliant behaviour.

\ No newline at end of file diff --git a/docs/manual/mod/quickreference.html.en b/docs/manual/mod/quickreference.html.en index dd62a58725..6d4815a56d 100644 --- a/docs/manual/mod/quickreference.html.en +++ b/docs/manual/mod/quickreference.html.en @@ -90,50 +90,50 @@ onto the specified content type AliasMatch regex file-path|directory-pathsvBMaps URLs to filesystem locations using regular expressions - Allow from - all|host|env=env-variable - [host|env=env-variable] ...dhBControls which hosts can access an area of the + Allow from all|host|env=env-variable +[host|env=env-variable] ...dhBControls which hosts can access an area of the server AllowCONNECT port [port] ... 443 563 svEPorts that are allowed to CONNECT through the proxy AllowOverride All|None|directive-type [directive-type] ... All dCTypes of directives that are allowed in .htaccess files -Anonymous user [user] ...dhESpecifies userIDs that areallowed access without +Anonymous user [user] ...dhESpecifies userIDs that areallowed access without password verification -Anonymous_Authoritative on|off off dhEConfigures if authorization will fall-through -to other methods -Anonymous_LogEmail on|off on dhESets whether the password entered will be logged in the +Anonymous_LogEmail On|Off On dhESets whether the password entered will be logged in the error log -Anonymous_MustGiveEmail on|off on dhESpecifies whether blank passwords are allowed -Anonymous_NoUserID on|off off dhESets whether the userID field may be empty -Anonymous_VerifyEmail on|off off dhESets whether to check the password field for a correctly +Anonymous_MustGiveEmail On|Off On dhESpecifies whether blank passwords are allowed +Anonymous_NoUserID On|Off Off dhESets whether the userID field may be empty +Anonymous_VerifyEmail On|Off Off dhESets whether to check the password field for a correctly formatted email address -AssignUserID user_id group_idvM- -AuthBasicAuthoritative on|off on dhBSets whether authorization and authentication are -passed to lower level modules -AuthBasicProvider provider-namedhBSets the authentication provider(s) for this location -AuthDBMGroupFile file-pathdhESets the name of the database file containing the list +AssignUserID user_id group_idvM- +AuthBasicAuthoritative On|Off On dhBSets whether authorization and authentication are passed to +lower level modules +AuthBasicProvider On|Off|provider-name +[provider-name] ... On dBSets the authentication provider(s) for this location +AuthDBMGroupFile file-pathdhESets the name of the database file containing the list of user groups for authentication -AuthDBMType default|SDBM|GDBM|NDBM|DB default dhESets the type of database file that is used to +AuthDBMType default|SDBM|GDBM|NDBM|DB default dhESets the type of database file that is used to store passwords -AuthDBMUserFile file-pathdhESets the name of a database file containing the list of users and +AuthDBMUserFile file-pathdhESets the name of a database file containing the list of users and passwords for authentication +AuthDefaultAuthoritative On|Off On dhBSets whether authentication is passed to lower level +modules AuthDigestAlgorithm MD5|MD5-sess MD5 dhXSelects the algorithm used to calculate the challenge and response hases in digest authentication AuthDigestDomain URI [URI] ...dhXURIs that are in the same protection space for digest authentication -AuthDigestFile file-pathdhXLocation of the text file containing the list -of users and encoded passwords for digest authentication -AuthDigestGroupFile file-pathdhXName of the text file containing the list of groups -for digest authentication AuthDigestNcCheck On|Off Off sXEnables or disables checking of the nonce-count sent by the server AuthDigestNonceFormat formatdhXDetermines how the nonce is generated AuthDigestNonceLifetime seconds 300 dhXHow long the server nonce is valid -AuthDigestQop none|auth|auth-int [auth|auth-int] auth dhXDetermines the quality-of-protection to use in digest +AuthDigestProvider On|Off|provider-name +[provider-name] ...dXSets the authentication provider(s) for this location +AuthDigestQop none|auth|auth-int [auth|auth-int] auth dhXDetermines the quality-of-protection to use in digest authentication -AuthGroupFile file-pathdhESets the name of a text file containing the list +AuthDigestShmemSize size 1000 sXThe amount of shared memory to allocate for keeping track +of clients +AuthGroupFile file-pathdhBSets the name of a text file containing the list of user groups for authentication AuthLDAPAuthoritative on|off on dhXPrevent other authentication modules from authenticating the user if this one fails @@ -153,12 +153,18 @@ environment variable AuthName auth-domaindhCAuthorization realm for use in HTTP authentication AuthType Basic|DigestdhCType of user authentication -AuthUserFile file-pathdhBSets the name of a text file containing the list of users and +AuthUserFile file-pathdhBSets the name of a text file containing the list of users and passwords for authentication -AuthzDBMAuthoritative on|off on dhESets whether authorization will be passed on to lower level modules +AuthzDBMAuthoritative On|Off On dhESets whether authorization will be passed on to lower level +modules AuthzDBMType default|SDBM|GDBM|NDBM|DB default dhESets the type of database file that is used to store passwords -AuthzGroupFileAuthoritative on|off on dhESets whether authorization will be passed on to lower level modules +AuthzDefaultAuthoritative On|Off On dhBSets whether authorization is passed to lower level +modules +AuthzGroupFileAuthoritative On|Off On dhBSets whether authorization will be passed on to lower level +modules +AuthzUserAuthoritative On|Off On dhBSets whether authorization will be passed on to lower level +modules BrowserMatch regex [!]env-variable[=value] [[!]env-variable[=value]] ...svdhBSets environment variables conditional on HTTP User-Agent @@ -245,9 +251,8 @@ server cannot determine a type in any other way DeflateFilterNote notenamesvEPlaces the compression ratio in a note for logging DeflateMemLevel value 9 svEHow much memory should be used by zlib for compression DeflateWindowSize value 15 svEZlib compression window size - Deny from - all|host|env=env-variable - [host|env=env-variable] ...dhBControls which hosts are denied access to the + Deny from all|host|env=env-variable +[host|env=env-variable] ...dhBControls which hosts are denied access to the server <Directory directory-path> ... </Directory>svCEnclose a group of directives that apply only to the @@ -415,7 +420,7 @@ to directly Options [+|-]option [[+|-]option] ... All svdhCConfigures what features are available in a particular directory - Order ordering Deny,Allow dhBControls the default access state and the order in which + Order ordering Deny,Allow dhBControls the default access state and the order in which Allow and Deny are evaluated. PassEnv env-variable [env-variable] diff --git a/docs/manual/sitemap.html.en b/docs/manual/sitemap.html.en index a24657ce92..a8bdc401d3 100644 --- a/docs/manual/sitemap.html.en +++ b/docs/manual/sitemap.html.en @@ -98,10 +98,13 @@ Server on HPUX

Apache Module mod_auth_ldap

Apache Module mod_authn_anon

Apache Module mod_authn_dbm

Apache Module mod_authn_default

Apache Module mod_authn_file

Apache Module mod_authz_dbm

Apache Module mod_authz_default

Apache Module mod_authz_groupfile

Apache Module mod_authz_host

Apache Module mod_authz_user

Apache Module mod_autoindex

Apache Module mod_cache

Apache Module mod_cern_meta