From 9b07279c6b0dff9baeac21350da4ca162a381d78 Mon Sep 17 00:00:00 2001 From: Joshua Slive Date: Mon, 25 Sep 2000 23:59:28 +0000 Subject: [PATCH] Style updates. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@86329 13f79535-47bb-0310-9956-ffa450edef68 --- docs/manual/mod/index-bytype.html | 2 +- docs/manual/mod/index.html | 2 +- docs/manual/mod/mod_auth_anon.html | 138 ++++++++++---------- docs/manual/mod/mod_auth_db.html | 84 ++++++++----- docs/manual/mod/mod_auth_dbm.html | 57 ++++++--- docs/manual/mod/mod_auth_digest.html | 180 +++++++++++++-------------- 6 files changed, 258 insertions(+), 205 deletions(-) diff --git a/docs/manual/mod/index-bytype.html b/docs/manual/mod/index-bytype.html index cbc1ddaa34..19881d096a 100644 --- a/docs/manual/mod/index-bytype.html +++ b/docs/manual/mod/index-bytype.html @@ -91,7 +91,7 @@ directives.
mod_auth_db
User authentication using Berkeley DB files.
mod_auth_anon -
Anonymous user authentication, FTP-style. +
Anonymous user access to authenticated areas.
mod_auth_digest
MD5 authentication
mod_digest diff --git a/docs/manual/mod/index.html b/docs/manual/mod/index.html index 357b5d3c77..7d252b2d87 100644 --- a/docs/manual/mod/index.html +++ b/docs/manual/mod/index.html @@ -39,7 +39,7 @@ directives.
mod_auth
User authentication using text files.
mod_auth_anon -
Anonymous user authentication, FTP-style. +
Anonymous user access to authenticated areas.
mod_auth_db
User authentication using Berkeley DB files.
mod_auth_dbm diff --git a/docs/manual/mod/mod_auth_anon.html b/docs/manual/mod/mod_auth_anon.html index a9f9ae1512..ea27b803a8 100644 --- a/docs/manual/mod/mod_auth_anon.html +++ b/docs/manual/mod/mod_auth_anon.html @@ -14,28 +14,38 @@

Module mod_auth_anon

-This module is contained in the mod_auth_anon.c file and -is not compiled in by default. It is only available in Apache 1.1 and -later. It allows "anonymous" user access to authenticated areas. +This module allows "anonymous" user access to authenticated areas. + +

Status: Extension +
+Source File: mod_auth_anon.c +
+Module Identifier: anon_auth_module +

+

Summary

-It does access control in a manner similar to anonymous-ftp sites; i.e. -have a 'magic' user id 'anonymous' and the email address as a password. -These email addresses can be logged. -

-Combined with other (database) access control methods, this allows for +

This module does access control in a manner similar to +anonymous-ftp sites; i.e. have a 'magic' user id 'anonymous' +and the email address as a password. These email addresses can be +logged.

+ +

Combined with other (database) access control methods, this allows for effective user tracking and customization according to a user profile while still keeping the site open for 'unregistered' users. One advantage of using Auth-based user tracking is that, unlike magic-cookies and funny URL pre/postfixes, it is completely browser independent and it -allows users to share URLs. -

- -Directives / -Example / -Compile time options / -

+allows users to share URLs.

Directives

+

Example

+ +The example below (when combined with the Auth directives +of a htpasswd-file based (or GDM, mSQL etc.) base access +control system allows users in as 'guests' with the +following properties: + +

+Excerpt of access.conf: +

+Anonymous_NoUserId off
+Anonymous_MustGiveEmail on
+Anonymous_VerifyEmail on
+Anonymous_LogEmail on
+Anonymous anonymous guest www test welcome

+

+AuthName "Use 'anonymous' & Email address for guest entry"
+AuthType basic +

+# An AuthUserFile/AuthDBUserFile/AuthDBMUserFile
+# directive must be specified, or use
+# Anonymous_Authoritative for public access.
+# In the .htaccess for the public directory, add:
+<Files *>
+Order Deny,Allow
+Allow from all
+

+Require valid-user
+</Files>
+

+

Anonymous directive

@@ -258,58 +315,7 @@ allows users to share URLs. checked for at least one '@' and a '.' to encourage users to enter valid email addresses (see the above Auth_LogEmail). -
-

Example

- -The example below (when combined with the Auth directives -of a htpasswd-file based (or GDM, mSQL etc.) base access -control system allows users in as 'guests' with the -following properties: - -

-Excerpt of access.conf: -

-Anonymous_NoUserId off
-Anonymous_MustGiveEmail on
-Anonymous_VerifyEmail on
-Anonymous_LogEmail on
-Anonymous anonymous guest www test welcome

-

-AuthName "Use 'anonymous' & Email address for guest entry"
-AuthType basic -

-# An AuthUserFile/AuthDBUserFile/AuthDBMUserFile
-# directive must be specified, or use
-# Anonymous_Authoritative for public access.
-# In the .htaccess for the public directory, add:
-<Files *>
-Order Deny,Allow
-Allow from all
-

-Require valid-user
-</Files>
-

- -
-

Compile Time Options

-Currently there are no Compile options. diff --git a/docs/manual/mod/mod_auth_db.html b/docs/manual/mod/mod_auth_db.html index 8b6aeeb2ca..327cd6611b 100644 --- a/docs/manual/mod/mod_auth_db.html +++ b/docs/manual/mod/mod_auth_db.html @@ -15,32 +15,57 @@

Module mod_auth_db

-This module is contained in the mod_auth_db.c file, and -is not compiled in by default. It provides for user authentication using -Berkeley DB files. It is an alternative to DBM -files for those systems which support DB and not DBM. It is only -available in Apache 1.1 and later. - -

-On some BSD systems (e.g., FreeBSD and NetBSD) dbm is automatically mapped to -Berkeley DB. You can use either mod_auth_dbm -or mod_auth_db. The latter makes it more obvious that it's Berkeley DB. On -other platforms where you want to use the DB library you usually have to -install it first. See -http://www.sleepycat.com/ for the -distribution. The interface this module uses is the one from DB version 1.85 -and 1.86, but DB version 2.x can also be used when compatibility mode is -enabled. - -

+

This module provides for user authentication using Berkeley DB +files.

+ +

Status: Extension +
+Source File: mod_auth_db.c +
+Module Identifier: db_auth_module +

+ +

Summary

+ +

This module provides an alternative to DBM files for those systems which support +DB and not DBM. It is only available in Apache 1.1 and later.

+ +

On some BSD systems (e.g., FreeBSD and NetBSD) dbm is +automatically mapped to Berkeley DB. You can use either mod_auth_dbm or mod_auth_db. The latter +makes it more obvious that it's Berkeley DB. On other platforms where +you want to use the DB library you usually have to install it +first. See http://www.sleepycat.com/ for the +distribution. The interface this module uses is the one from DB +version 1.85 and 1.86, but DB version 2.x can also be used when +compatibility mode is enabled.

+ +

Directives

+ + + + +

See also: satisfy and +require.

+
-

AuthDBGroupFile

+

AuthDBGroupFile directive

AuthName, AuthType and AuthDBUserFile.

-

AuthDBUserFile

+

AuthDBUserFile directive

AuthName, AuthType and AuthDBGroupFile.

-

AuthDBAuthoritative

+

AuthDBAuthoritative directive

Syntax: AuthDBAuthoritative < - on(default) | off >
+ on| off >
+Default: AuthDBAuthoritative on
-Default: By default; control is not passed on; and an -unknown + +By default, control is not passed on and an unknown userID or rule will result in an Authorization Required reply. Not -setting it thus keeps the system secure; and forces an NCSA compliant +setting it thus keeps the system secure and forces an NCSA compliant behaviour.

Security: Do consider the implications of allowing a user to allow fall-through in his .htaccess file; and verify that this is really diff --git a/docs/manual/mod/mod_auth_dbm.html b/docs/manual/mod/mod_auth_dbm.html index 260f243caf..1c96bceb9e 100644 --- a/docs/manual/mod/mod_auth_dbm.html +++ b/docs/manual/mod/mod_auth_dbm.html @@ -16,16 +16,42 @@

Module mod_auth_dbm

-This module is contained in the mod_auth_dbm.c file, and -is not compiled in by default. It provides for user authentication using -DBM files. +

This module provides for user authentication using DBM files.

+

Status: Extension +
+Source File: mod_auth_dbm.c +
+Module Identifier: dbm_auth_module +

+ +

Summary

+ +

This module provides for HTTP Basic Authentication, where the +usernames and passwords are stored in DBM type database files. It is +an alternative to the plain text password files provided by mod_auth and the Berkely DB password files +provided by mod_auth_db.

- +

Directives

+ + + + +

See also: Satisfy and +Require.

@@ -148,7 +174,11 @@ See also AuthName, Syntax: AuthDBMAuthoritative < on(default) | off >
+>Syntax: AuthDBMAuthoritative < on | off >
+Default: AuthDBMAuthoritative on
AuthName, Status: Base
+>Status: Extension
Module: mod_auth

+>Module: mod_auth_dbm

Setting the AuthDBMAuthoritative directive explicitly to 'off' allows for both authentication and authorization to be passed on @@ -185,13 +215,10 @@ Whereas this DBM module supplies the bulk of the user credential checking; a few (administrator) related accesses fall through to a lower level with a well protected .htpasswd file.

-Default: By default; control is not passed on; and an unknown -userID or rule will result in an Authorization Required reply. Not -setting it thus keeps the system secure; and forces an NCSA compliant -behaviour.

+ +By default, control is not passed on and an unknown userID or rule +will result in an Authorization Required reply. Not setting it thus +keeps the system secure and forces an NCSA compliant behaviour.

Security: Do consider the implications of allowing a user to allow fall-through in his .htaccess file; and verify that this is really diff --git a/docs/manual/mod/mod_auth_digest.html b/docs/manual/mod/mod_auth_digest.html index 447fcfea0e..ed9e2067f9 100644 --- a/docs/manual/mod/mod_auth_digest.html +++ b/docs/manual/mod/mod_auth_digest.html @@ -15,19 +15,36 @@

Module mod_auth_digest

-This module is contained in the mod_auth_digest.c file, and is -not compiled in by default. It is only available in Apache 1.3.8 and -later. It provides for user authentication using MD5 Digest -Authentication. +

This module provides for user authentication using MD5 Digest +Authentication.

-

Note this is an updated version of Status: Experimental +
+Source File: mod_auth_digest.c +
+Module Identifier: digest_auth_module +

+ +

Summary

+ +

This is an updated version of mod_digest. However, it has not been -extensively tested and is therefore marked experimental. If you use this -module, you must make sure to not use mod_digest (because they -share some of the same configuration directives). +extensively tested and is therefore marked experimental. If you use +this module, you must make sure to not use mod_digest +(because they share some of the same configuration directives). +

Directives

- + + + +

See also: Require and +Satisfy. + +

Using Digest Authentication

+ +

Using MD5 Digest authentication is very simple. Simply set up +authentication normally, using "AuthType Digest" and "AuthDigestFile" +instead of the normal "AuthType Basic" and "AuthUserFile"; also, +replace any "AuthGroupFile" with "AuthDigestGroupFile". Then add a +"AuthDigestDomain" directive containing at least the root URI(s) for +this protection space. Example: + +

+  <Location /private/>
+  AuthType Digest
+  AuthName "private area"
+  AuthDigestDomain /private/ http://mirror.my.dom/private2/
+  AuthDigestFile /web/auth/.digest_pw
+  Require valid-user
+  </Location>
+
+ +

Note: MD5 authentication provides a more secure +password system than Basic authentication, but only works with supporting +browsers. As of this writing (July 1999), the only major browsers which +support digest authentication are Internet Explorer 5.0 and +Amaya. Therefore, we do not +recommend using this feature on a large Internet site. However, for +personal and intra-net use, where browser users can be controlled, it is +ideal. + +

-

AuthDigestFile

+ + +

AuthDigestFile directive

Status: Base
+>Status: Experimental
-

AuthDigestGroupFile

+

AuthDigestGroupFile directive

Status: Base
+>Status: Experimental
Module: mod_auth_digest
-Compatibility: Available in Apache 1.3.8 and later +>Module: mod_auth_digest

The AuthDigestGroupFile directive sets the name of a textual file containing the list of groups and their members (user names). @@ -115,7 +163,7 @@ AuthGroupFile.

-

AuthDigestQop

+

AuthDigestQop directive

Status: Base
+>Status: Experimental
Module: mod_auth_digest
-Compatibility: Available in Apache 1.3.8 and later +>Module: mod_auth_digest

The AuthDigestQop directive determines the quality-of-protection to use. auth will only do authentication (username/password); @@ -159,7 +203,8 @@ does not like the challenge it receives otherwise.

-

AuthDigestNonceLifetime

+

AuthDigestNonceLifetime +directive

Status: Base
+>Status: Experimental
Module: mod_auth_digest
-Compatibility: Available in Apache 1.3.8 and later +>Module: mod_auth_digest

The AuthDigestNonceLifetime directive controls how long the server nonce is valid. When the client contacts the server using an expired @@ -213,7 +254,7 @@ do not make sense here. -->

-

AuthDigestNonceFormat

+

AuthDigestNonceFormat directive

Status: Base
+>Status: Experimental
Module: mod_auth_digest
-Compatibility: Available in Apache 1.3.8 and later +>Module: mod_auth_digest

Not implemented yet.

-

AuthDigestNcCheck

+

AuthDigestNcCheck directive

Status: Base
+>Status: Experimental
Module: mod_auth_digest
-Compatibility: Available in Apache 1.3.8 and later +>Module: mod_auth_digest

Not implemented yet.

-

AuthDigestAlgorithm

+

AuthDigestAlgorithm directive

Status: Base
+>Status: Experimental
Module: mod_auth_digest
-Compatibility: Available in Apache 1.3.8 and later +>Module: mod_auth_digest

The AuthDigestAlgorithm directive selects the algorithm used to calculate the challenge and response hashes. @@ -335,7 +364,7 @@ the challenge and response hashes. -->

-

AuthDigestDomain

+

AuthDigestDomain directive

Status: Base
+>Status: Experimental
Module: mod_auth_digest
-Compatibility: Available in Apache 1.3.8 and later +>Module: mod_auth_digest

The AuthDigestDomain directive allows you to specify one or more URIs which are in the same protection space (i.e. use the same realm and @@ -379,37 +404,6 @@ clients (which understand this) will then share username/password info across multiple servers without prompting the user each time. -

- -

Using Digest Authentication

- -

Using MD5 Digest authentication is very simple. Simply set up -authentication normally, using "AuthType Digest" and "AuthDigestFile" -instead of the normal "AuthType Basic" and "AuthUserFile"; also, -replace any "AuthGroupFile" with "AuthDigestGroupFile". Then add a -"AuthDigestDomain" directive containing at least the root URI(s) for -this protection space. Example: - -

-  <Location /private/>
-  AuthType Digest
-  AuthName "private area"
-  AuthDigestDomain /private/ http://mirror.my.dom/private2/
-  AuthDigestFile /web/auth/.digest_pw
-  Require valid-user
-  </Location>
-
- -

Note: MD5 authentication provides a more secure -password system than Basic authentication, but only works with supporting -browsers. As of this writing (July 1999), the only major browsers which -support digest authentication are Internet Explorer 5.0 and -Amaya. Therefore, we do not -recommend using this feature on a large Internet site. However, for -personal and intra-net use, where browser users can be controlled, it is -ideal. - -- 2.50.1