httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Behlendorf <br...@hyperreal.com>
Subject cvs commit: apache/htdocs/manual/mod mod_auth_dbm.html mod_auth_db.html
Date Thu, 21 Nov 1996 08:39:30 GMT
brian       96/11/21 00:39:29

  Modified:    htdocs/manual/mod  mod_auth_dbm.html mod_auth_db.html
  Log:
  Added gunk from old "auth_dbm.html" describing some implementation
  issues.  This so we can nuke auth_dbm.html, which really doesn't have
  a home... also fixed some minor typos.
  
  Revision  Changes    Path
  1.2       +39 -5     apache/htdocs/manual/mod/mod_auth_dbm.html
  
  Index: mod_auth_dbm.html
  ===================================================================
  RCS file: /export/home/cvs/apache/htdocs/manual/mod/mod_auth_dbm.html,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -C3 -r1.1 -r1.2
  *** mod_auth_dbm.html	1996/11/21 08:12:42	1.1
  --- mod_auth_dbm.html	1996/11/21 08:39:27	1.2
  ***************
  *** 24,30 ****
    
    <A name="authdbmgroupfile"><h2>AuthDbmGroupFile</h2></A>
    <!--%plaintext &lt;?INDEX {\tt AuthDbmGroupFile} directive&gt; -->
  ! <strong>Syntax:</strong> AuthGroupFile <em>filename</em><br>
    <Strong>Context:</strong> directory, .htaccess<br>
    <Strong>Override:</strong> AuthConfig<br>
    <strong>Status:</strong> Extension<br>
  --- 24,30 ----
    
    <A name="authdbmgroupfile"><h2>AuthDbmGroupFile</h2></A>
    <!--%plaintext &lt;?INDEX {\tt AuthDbmGroupFile} directive&gt; -->
  ! <strong>Syntax:</strong> AuthDBMGroupFile <em>filename</em><br>
    <Strong>Context:</strong> directory, .htaccess<br>
    <Strong>Override:</strong> AuthConfig<br>
    <strong>Status:</strong> Extension<br>
  ***************
  *** 41,47 ****
    Security: make sure that the AuthDBMGroupFile is stored outside the
    document tree of the webserver; do <em>not</em> put it in the directory that
    it protects. Otherwise, clients will be able to download the
  ! AuthDBMGroupFile.<p>
    
    See also <A HREF="core.html#authname">AuthName</A>,
    <A HREF="core.html#authtype">AuthType</A> and
  --- 41,71 ----
    Security: make sure that the AuthDBMGroupFile is stored outside the
    document tree of the webserver; do <em>not</em> put it in the directory that
    it protects. Otherwise, clients will be able to download the
  ! AuthDBMGroupFile unless otherwise protected.<p>
  ! 
  ! Combining Group and Password DBM files: In some cases it is easier to
  ! manage a single database which contains both the password and group
  ! details for each user. This simplifies any support programs that need
  ! to be written: they now only have to deal with writing to and locking
  ! a single DBM file. This can be accomplished by first setting the group
  ! and password files to point to the same DBM:<p>
  ! 
  ! <blockquote><code>
  ! AuthDBMGroupFile /www/userbase<br>
  ! AuthDBMUserFile /www/userbase
  ! </code></blockquote>
  ! 
  ! The key for the single DBM is the username. The value consists of <p>
  ! 
  ! <blockquote><code>
  ! Unix Crypted Password : List of Groups [ : (ignored) ]
  ! </code></blockquote>
  ! 
  ! The password section contains the Unix crypt() password as before. This is
  ! followed by a colon and the comma separated list of groups. Other data may
  ! optionally be left in the DBM file after another colon; it is ignored by the
  ! authentication module. This is what www.telescope.org uses for its combined
  ! password and group database. <p>
    
    See also <A HREF="core.html#authname">AuthName</A>,
    <A HREF="core.html#authtype">AuthType</A> and
  ***************
  *** 58,71 ****
    The AuthDBMUserFile directive sets the name of a DBM file containing the list
    of users and passwords for user authentication. <em>Filename</em> is the
    absolute path to the user file.<p>
  ! The user file is keyed on the username. The value for a user is the crypt()
  ! encrypted password, optionally followed by a colon and arbitrary data.
  ! The colon and the data following it will be ignored by the server.<p>
    
    Security: make sure that the AuthDBMUserFile is stored outside the
    document tree of the webserver; do <em>not</em> put it in the directory that
    it protects. Otherwise, clients will be able to download the
    AuthDBMUserFile.<p>
    
    See also <A HREF="core.html#authname">AuthName</A>,
    <A HREF="core.html#authtype">AuthType</A> and
  --- 82,105 ----
    The AuthDBMUserFile directive sets the name of a DBM file containing the list
    of users and passwords for user authentication. <em>Filename</em> is the
    absolute path to the user file.<p>
  ! 
  ! The user file is keyed on the username. The value for a user is the
  ! crypt() encrypted password, optionally followed by a colon and
  ! arbitrary data.  The colon and the data following it will be ignored
  ! by the server.<p>
    
    Security: make sure that the AuthDBMUserFile is stored outside the
    document tree of the webserver; do <em>not</em> put it in the directory that
    it protects. Otherwise, clients will be able to download the
    AuthDBMUserFile.<p>
  + 
  + Important compatibility note: The implementation of "dbmopen" in the
  + apache modules reads the string length of the hashed values from the
  + DBM data structures, rather than relying upon the string being
  + NULL-appended. Some applications, such as the Netscape web server,
  + rely upon the string being NULL-appended, so if you are having trouble
  + using DBM files interchangeably between applications this may be a
  + part of the problem. <p>
    
    See also <A HREF="core.html#authname">AuthName</A>,
    <A HREF="core.html#authtype">AuthType</A> and
  
  
  
  1.2       +38 -5     apache/htdocs/manual/mod/mod_auth_db.html
  
  Index: mod_auth_db.html
  ===================================================================
  RCS file: /export/home/cvs/apache/htdocs/manual/mod/mod_auth_db.html,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -C3 -r1.1 -r1.2
  *** mod_auth_db.html	1996/11/21 08:12:41	1.1
  --- mod_auth_db.html	1996/11/21 08:39:27	1.2
  ***************
  *** 12,18 ****
    
    This module is contained in the <code>mod_auth_db.c</code> file, and
    is not compiled in by default. It provides for user authentication using
  ! Berkeley DB files. It is an alternative to <A HREF="../auth_dbm.html">DBM</A>
    files for those systems which support DB and not DBM. It is only
    available in Apache 1.1 and later.
    
  --- 12,18 ----
    
    This module is contained in the <code>mod_auth_db.c</code> file, and
    is not compiled in by default. It provides for user authentication using
  ! Berkeley DB files. It is an alternative to <A HREF="mod_auth_dbm.html">DBM</A>
    files for those systems which support DB and not DBM. It is only
    available in Apache 1.1 and later.
    
  ***************
  *** 43,49 ****
    Security: make sure that the AuthDBGroupFile is stored outside the
    document tree of the webserver; do <em>not</em> put it in the directory that
    it protects. Otherwise, clients will be able to download the
  ! AuthDBGroupFile.<p>
    
    See also <A HREF="core.html#authname">AuthName</A>,
    <A HREF="core.html#authtype">AuthType</A> and
  --- 43,72 ----
    Security: make sure that the AuthDBGroupFile is stored outside the
    document tree of the webserver; do <em>not</em> put it in the directory that
    it protects. Otherwise, clients will be able to download the
  ! AuthDBGroupFile unless otherwise protected.<p>
  ! 
  ! Combining Group and Password DB files: In some cases it is easier to
  ! manage a single database which contains both the password and group
  ! details for each user. This simplifies any support programs that need
  ! to be written: they now only have to deal with writing to and locking
  ! a single DBM file. This can be accomplished by first setting the group
  ! and password files to point to the same DB file:<p>
  ! 
  ! <blockquote><code>
  ! AuthDBGroupFile /www/userbase<br>
  ! AuthDBUserFile /www/userbase
  ! </code></blockquote>
  ! 
  ! The key for the single DB record is the username. The value consists of <p>
  ! 
  ! <blockquote><code>
  ! Unix Crypted Password : List of Groups [ : (ignored) ]
  ! </code></blockquote>
  ! 
  ! The password section contains the Unix crypt() password as before. This is
  ! followed by a colon and the comma separated list of groups. Other data may
  ! optionally be left in the DB file after another colon; it is ignored by the
  ! authentication module. <p>
    
    See also <A HREF="core.html#authname">AuthName</A>,
    <A HREF="core.html#authtype">AuthType</A> and
  ***************
  *** 60,73 ****
    The AuthDBUserFile directive sets the name of a DB file containing the list
    of users and passwords for user authentication. <em>Filename</em> is the
    absolute path to the user file.<p>
  ! The user file is keyed on the username. The value for a user is the crypt()
  ! encrypted password, optionally followed by a colon and arbitrary data.
  ! The colon and the data following it will be ignored by the server.<p>
    
    Security: make sure that the AuthDBUserFile is stored outside the
    document tree of the webserver; do <em>not</em> put it in the directory that
    it protects. Otherwise, clients will be able to download the
    AuthDBUserFile.<p>
    
    See also <A HREF="core.html#authname">AuthName</A>,
    <A HREF="core.html#authtype">AuthType</A> and
  --- 83,106 ----
    The AuthDBUserFile directive sets the name of a DB file containing the list
    of users and passwords for user authentication. <em>Filename</em> is the
    absolute path to the user file.<p>
  ! 
  ! The user file is keyed on the username. The value for a user is the
  ! crypt() encrypted password, optionally followed by a colon and
  ! arbitrary data.  The colon and the data following it will be ignored
  ! by the server.<p>
    
    Security: make sure that the AuthDBUserFile is stored outside the
    document tree of the webserver; do <em>not</em> put it in the directory that
    it protects. Otherwise, clients will be able to download the
    AuthDBUserFile.<p>
  + 
  + Important compatibility note: The implementation of "dbmopen" in the
  + apache modules reads the string length of the hashed values from the
  + DB data structures, rather than relying upon the string being
  + NULL-appended. Some applications, such as the Netscape web server,
  + rely upon the string being NULL-appended, so if you are having trouble
  + using DB files interchangeably between applications this may be a
  + part of the problem. <p>
    
    See also <A HREF="core.html#authname">AuthName</A>,
    <A HREF="core.html#authtype">AuthType</A> and
  
  
  

Mime
View raw message