From: André Malo Date: Wed, 9 Oct 2002 01:27:48 +0000 (+0000) Subject: update transformation X-Git-Tag: 2.0.44~331 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ecc81a9ecc50f3c9c95d313ba74ababcea700ccd;p=apache update transformation git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97154 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/docs/manual/env.html.en b/docs/manual/env.html.en index 9621265de2..fa9270eca7 100644 --- a/docs/manual/env.html.en +++ b/docs/manual/env.html.en @@ -94,7 +94,7 @@
top

Using Environment Variables

-
Related ModulesRelated Directives
+
Related ModulesRelated Directives

CGI Scripts

diff --git a/docs/manual/howto/htaccess.html.en b/docs/manual/howto/htaccess.html.en index e981de9fd5..4e3919e079 100644 --- a/docs/manual/howto/htaccess.html.en +++ b/docs/manual/howto/htaccess.html.en @@ -8,7 +8,7 @@

.htaccess files provide a way to make configuration changes on a per-directory basis.

top

.htaccess files

-
Related ModulesRelated Directives
+
Related ModulesRelated Directives
top

What they are/How to use them

diff --git a/docs/manual/install.html.en b/docs/manual/install.html.en index 3b5f396ed7..e1567b5a07 100644 --- a/docs/manual/install.html.en +++ b/docs/manual/install.html.en @@ -470,7 +470,7 @@

DBM

Several Apache features, including - mod_auth_dbm and mod_rewrite's + mod_authn_dbm and mod_rewrite's DBM RewriteMap use simple key/value databases for quick lookups of information. Apache includes SDBM with its source-code, so this database is always diff --git a/docs/manual/misc/rewriteguide.html.en b/docs/manual/misc/rewriteguide.html.en index dcc93e2ca0..d3caf6549a 100644 --- a/docs/manual/misc/rewriteguide.html.en +++ b/docs/manual/misc/rewriteguide.html.en @@ -2041,7 +2041,7 @@ RewriteRule !^http://[^/.]\.mydomain.com.* - [F] instance a authentication which checks for a set of explicitly configured users. Only these should receive access and without explicit prompting (which would occur - when using the Basic Auth via mod_access).

+ when using the Basic Auth via mod_auth_basic).

Solution:
diff --git a/docs/manual/mod/core.html.en b/docs/manual/mod/core.html.en index a8f95f708e..20b4d389f0 100644 --- a/docs/manual/mod/core.html.en +++ b/docs/manual/mod/core.html.en @@ -213,7 +213,7 @@ response without an explicit character setAuthDBMGroupFile, AuthDBMUserFile, - AuthGroupFile, + AuthGroupFile, AuthName, AuthType, AuthUserFile, Require, etc.). @@ -238,7 +238,7 @@ response without an explicit character setAllow, Deny and Order). + Allow use of the directives controlling host access (Allow, Deny and Order).
Options
@@ -267,8 +267,8 @@ authenticationSyntax: AuthName takes a single argument; if the realm name contains spaces, it must be enclosed in quotation marks. It must be accompanied by AuthType and Require directives, and directives such - as AuthUserFile and - AuthGroupFile to + as AuthUserFile and + AuthGroupFile to work.

For example:

@@ -292,8 +292,8 @@ authenticationSyntax: currently implemented. It must be accompanied by AuthName and Require directives, and directives such - as AuthUserFile and - AuthGroupFile to + as AuthUserFile and + AuthGroupFile to work.

See also

top

CGIMapExtension Directive

Description: @@ -829,7 +829,7 @@ MIME content-type
Syntax: address. (In "tcpwrappers" terminology this is called PARANOID.)

-

Regardless of the setting, when mod_access is +

Regardless of the setting, when mod_authz_host is used for controlling access by hostname, a double reverse lookup will be performed. This is necessary for security. Note that the result of this double-reverse isn't generally available unless you @@ -1753,8 +1753,8 @@ a resource

Syntax:

Require must be accompanied by AuthName and AuthType directives, and directives such - as AuthUserFile - and AuthGroupFile (to + as AuthUserFile + and AuthGroupFile (to define users and groups) in order to work correctly. Example:

@@ -1772,7 +1772,7 @@ a resource

Syntax: place the Require statement into a <Limit> section.

-

See also

top

RLimitCPU Directive

Description: +

See also

top

RLimitCPU Directive

Description: Limits the CPU consumption of processes launched by Apache children
Syntax: RLimitCPU number|max [number|max]
Default: @@ -1865,7 +1865,7 @@ user authentication
Syntax AuthConfig
Status: Core
Module: core
-

Access policy if both Allow and Require used. The parameter can be +

Access policy if both Allow and Require used. The parameter can be either all or any. This directive is only useful if access to a particular area is being restricted by both username/password and client host address. In this case @@ -1888,7 +1888,7 @@ user authentication

Syntax Satisfy any

-

See also

top

ScriptInterpreterSource Directive

Description: +

See also

top

ScriptInterpreterSource Directive

Description: Technique for locating the interpreter for CGI scripts
Syntax: ScriptInterpreterSource registry|script
Default: diff --git a/docs/manual/mod/mod_auth_ldap.html.en b/docs/manual/mod/mod_auth_ldap.html.en index 629e69d7ea..feff2e1edb 100644 --- a/docs/manual/mod/mod_auth_ldap.html.en +++ b/docs/manual/mod/mod_auth_ldap.html.en @@ -63,19 +63,14 @@ for HTTP Basic authentication.
require valid-user -
  • require user
    • -
  • require group
    • -
  • require dn
  • Examples
    • -
  • Using TLS
    • -
  • Using SSL
  • @@ -84,7 +79,6 @@ for HTTP Basic authentication.
    • How It Works -
  • Caveats
    • @@ -428,7 +422,8 @@ require valid-user FrontPage with mod_auth_ldap

    Normally, FrontPage uses FrontPage-web-specific user/group - files (i.e., the mod_auth module) to handle all + files (i.e., the mod_authn_file and + mod_authz_groupfile modules) to handle all authentication. Unfortunately, it is not possible to just change to LDAP authentication by adding the proper directives, because it will break the Permissions forms in @@ -475,8 +470,8 @@ AuthLDAPFrontPageHack on

    • When choosing the LDAP URL, the attribute to use for authentication should be something that will also be valid - for putting into a mod_auth user file. The user ID is - ideal for this.
      • + for putting into a mod_authn_file user file. + The user ID is ideal for this.
    • When adding users via FrontPage, FrontPage administrators should choose usernames that already exist in the LDAP @@ -486,15 +481,18 @@ AuthLDAPFrontPageHack on LDAP database, and not against the password in the local user file. This could cause confusion for web administrators.
      • -
    • Apache must be compiled with mod_auth in order to + +
    • Apache must be compiled with mod_auth_basic, + mod_authn_file and + mod_authz_groupfile in order to use FrontPage support. This is because Apache will still use - the mod_auth group file for determine the extent of a + the mod_authz_groupfile group file for determine the extent of a user's access to the FrontPage web.
    • The directives must be put in the .htaccess files. Attempting to put them inside <Location> or <Directory> directives won't work. This is because mod_auth_ldap has to be able to grab - the AuthUserFile + the AuthUserFile directive that is found in FrontPage .htaccess files so that it knows where to look for the valid user list. If the mod_auth_ldap directives aren't in the same diff --git a/docs/manual/mod/mod_authn_anon.html.en b/docs/manual/mod/mod_authn_anon.html.en index 37ae6bfe48..b19fdff930 100644 --- a/docs/manual/mod/mod_authn_anon.html.en +++ b/docs/manual/mod/mod_authn_anon.html.en @@ -70,7 +70,7 @@ AuthType basic

      # An - AuthUserFile/AuthDBUserFile/AuthDBMUserFile
      + AuthUserFile/AuthDBMUserFile
      # directive must be specified, or use
      # Anonymous_Authoritative for public access.
      # In the .htaccess for the public directory, add:
      diff --git a/docs/manual/mod/mod_authz_host.html.en b/docs/manual/mod/mod_authz_host.html.en index 822c20ca1e..9730a76913 100644 --- a/docs/manual/mod/mod_authz_host.html.en +++ b/docs/manual/mod/mod_authz_host.html.en @@ -11,10 +11,13 @@ address)
    Status: authz_host_module
    Source File: mod_authz_host.c
    Compatibility: Available in Apache 2.0.44 and later

    Summary

    -

    The directives provided by mod_authz_host are used in <Directory>, <Files>, and <Location> sections as well as - .htaccess - files to control access to particular parts of the server. Access - can be controlled based on the client hostname, IP address, or +

    The directives provided by mod_authz_host are + used in <Directory>, + <Files>, and + <Location> sections + as well as .htaccess + files to control access to particular parts of the server. + Access can be controlled based on the client hostname, IP address, or other characteristics of the client request, as captured in environment variables. The Allow and Deny directives are used to specify which clients are or are not allowed access to the server, while the Order diff --git a/docs/manual/mod/mod_info.html.en b/docs/manual/mod/mod_info.html.en index 60bf7c2856..dbebdb5c8e 100644 --- a/docs/manual/mod/mod_info.html.en +++ b/docs/manual/mod/mod_info.html.en @@ -23,7 +23,7 @@ SetHandler server-info

    You may wish to add a <Limit> clause inside the - <location> + <Location> directive to limit access to your server configuration information.

    @@ -69,8 +69,10 @@ information displayed by the server-info handler

    -AddModuleInfo mod_authn_file.c 'See <A \
    - HREF="http://www.apache.org/docs-2.0/mod/mod_authn_file.html">\
    - http://www.apache.org/docs-2.0/mod/mod_authn_file.html</A>' + AddModuleInfo mod_authn_file.c 'See <a \
    + + href="http://www.apache.org/docs-2.0/mod/mod_authn_file.html">\
    + http://www.apache.org/docs-2.0/mod/mod_authn_file.html</a>' +

    \ No newline at end of file diff --git a/docs/manual/ssl/ssl_howto.html.en b/docs/manual/ssl/ssl_howto.html.en index b3a6364773..ea6290a021 100644 --- a/docs/manual/ssl/ssl_howto.html.en +++ b/docs/manual/ssl/ssl_howto.html.en @@ -147,13 +147,13 @@ parts of the server?

    The key is to check for various ingredients of the client certficate. Usually this means to check the whole or part of the Distinguished - Name (DN) of the Subject. For this two methods exists: The mod_auth based variant and the SSLRequire variant. The first method is good when the - clients are of totally different type, i.e. when their DNs have no - common fields (usually the organisation, etc.). In this case you've - to establish a password database containing all clients. The - second method is better when your clients are all part of a common - hierarchy which is encoded into the DN. Then you can match them more - easily.

    + Name (DN) of the Subject. For this two methods exists: The mod_auth_basic based variant and the SSLRequire variant. The first method is + good when the clients are of totally different type, i.e. when their + DNs have no common fields (usually the organisation, etc.). In this + case you've to establish a password database containing all + clients. The second method is better when your clients are all part of + a common hierarchy which is encoded into the DN. Then you can match + them more easily.

    The first method:

    httpd.conf

    @@ -168,6 +168,7 @@ SSLOptions           +FakeBasicAuth
 SSLRequireSSL
 AuthName             "Snake Oil Authentication"
 AuthType             Basic
+AuthBasicProvider    file
 AuthUserFile         /usr/local/apache2/conf/httpd.passwd
 require              valid-user
 </Directory>
    @@ -243,6 +244,7 @@ Allow 192.168.1.0/24 # HTTP Basic Authentication AuthType basic AuthName "Protected Intranet Area" +AuthBasicProvider file AuthUserFile conf/protected.passwd Require valid-user </Directory>