httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pep...@apache.org
Subject cvs commit: httpd-docs-1.3/htdocs/manual/howto auth.html
Date Tue, 11 Dec 2001 01:47:24 GMT
pepper      01/12/10 17:47:24

  Modified:    htdocs/manual/howto auth.html
  Log:
  Fixed a few typos.
  Fixed some HTML tags (case, href/name/id)
  Added a mention of multiple 'arguments' to allow/deny, and an example. This should probably
be more explicit, but I'm not sure of the details (should we show with leading/trailing periods,
and explain that IPs are assumed to be the left side, but hostnames are assumed to be the
right side?).
  
  Revision  Changes    Path
  1.3       +39 -38    httpd-docs-1.3/htdocs/manual/howto/auth.html
  
  Index: auth.html
  ===================================================================
  RCS file: /home/cvs/httpd-docs-1.3/htdocs/manual/howto/auth.html,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- auth.html	2001/11/28 02:57:03	1.2
  +++ auth.html	2001/12/11 01:47:24	1.3
  @@ -10,7 +10,7 @@
     vlink="#000080" alink="#FF0000">
       <!--#include virtual="header.html" -->
   
  -<h1 align="CENTER">Authentication, Authorization, and Access
  +<h1 align="center">Authentication, Authorization, and Access
   Control</h1>
   
       <a name="TOC"></a> 
  @@ -191,7 +191,7 @@
       stores it along with the authentication realm, so that if other
       resources are requested from the same realm, the same username
       and password can be returned to authenticate that request
  -    without requiring the user to type them in again. This cacheing
  +    without requiring the user to type them in again. This caching
       is usually just for the current browser session, but some
       browsers allow you to store them permanently, so that you never
       have to type in your password again.</p>
  @@ -328,38 +328,38 @@
   
       <table cellpadding="3">
         <tr>
  -        <td align="LEFT">AuthType</td>
  +        <td align="left">AuthType</td>
   
  -        <td align="LEFT" valign="TOP" width="360">Authentication
  +        <td align="left" valign="top" width="360">Authentication
           type being used. In this case, it will be set to
           <tt>Basic</tt></td>
         </tr>
   
         <tr>
  -        <td align="LEFT">AuthName</td>
  +        <td align="left">AuthName</td>
   
  -        <td align="LEFT" valign="TOP" width="360">The
  +        <td align="left" valign="top" width="360">The
           authentication realm or name</td>
         </tr>
   
         <tr>
  -        <td align="LEFT">AuthUserFile</td>
  +        <td align="left">AuthUserFile</td>
   
  -        <td align="LEFT" valign="TOP" width="360">The location of
  +        <td align="left" valign="top" width="360">The location of
           the password file</td>
         </tr>
   
         <tr>
  -        <td align="LEFT">AuthGroupFile</td>
  +        <td align="left">AuthGroupFile</td>
   
  -        <td align="LEFT" valign="TOP" width="360">The location of
  +        <td align="left" valign="top" width="360">The location of
           the group file, if any</td>
         </tr>
   
         <tr>
  -        <td align="LEFT">Require</td>
  +        <td align="left">Require</td>
   
  -        <td align="LEFT" valign="TOP" width="360">The
  +        <td align="left" valign="top" width="360">The
           requirement(s) which must be satisfied in order to grant
           admission</td>
         </tr>
  @@ -496,7 +496,7 @@
       and password is ugly. It contains text that you did not
       indicate that you wanted in there. It looks different in
       Internet Explorer and Netscape, and contains different text.
  -    And it askes for fields that the user might not understand -
  +    And it asks for fields that the user might not understand -
       for example, Netscape asks the user to type in their ``User
       ID'', and they might not know what that means. Or, you might
       want to provide additional explanatory text so that the user
  @@ -505,7 +505,7 @@
       <p>Unfortunately, these things are features of the browser, and
       cannot be controlled from the server side. If you want the
       login to look different, then you will need to implement your
  -    own authenticatin scheme. There is no way to change what this
  +    own authentication scheme. There is no way to change what this
       login box looks like if you are using basic authentication.</p>
   
       <h3><a name="persistpass"></a><br />
  @@ -580,8 +580,8 @@
       <p>Not only that, but remember that the username and password
       are passed with every request, not just when the user first
       types them in. So the packet sniffer need not be listening at a
  -    particularly strategic time, byt just be listening for long
  -    enough to see any request come across the wire.</p>
  +    particularly strategic time, but just for long enough to see
  +    any single request come across the wire.</p>
   
       <p>And, in addition to that, the content itself is also going
       across the network in the clear, and so if the web site
  @@ -606,7 +606,7 @@
   
       <h2><a name="digestworks">How digest auth works</a></h2>
   
  -    <p>Digest authentication is implemeted by the module
  +    <p>Digest authentication is implemented by the module
       <tt>mod_auth_digest</tt>. There is an older module,
       <tt>mod_digest</tt>, which implemented an older version of the
       digest authentication specification, but which will probably
  @@ -642,9 +642,9 @@
   
       <p>As with basic authentication, a simple utility is provided
       to create and maintain the password file which will be used to
  -    detmine whether a particular user's name and password are
  +    determine whether a particular user's name and password are
       valid. This utility is called <tt>htdigest</tt>, and will be
  -    located in the <tt>bin</tt> diretory of wherever you installed
  +    located in the <tt>bin</tt> directory of wherever you installed
       Apache. If you installed Apache from some variety of package
       manager, <tt>htdigest</tt> is likely to have been placed
       somewhere in your path.</p>
  @@ -675,44 +675,44 @@
   
       <p>Once you have created a password file, you need to tell
       Apache about it in order to start using it as a source of
  -    authenticated user inormation. This configuration is done with
  +    authenticated user information. This configuration is done with
       the following directives:</p>
   
       <table cellpadding="3">
         <tr>
  -        <td align="LEFT">AuthType</td>
  +        <td align="left">AuthType</td>
   
  -        <td align="LEFT" valign="TOP" width="360">Authentication
  +        <td align="left" valign="top" width="360">Authentication
           type being used. In this case, it will be set to
           <tt>Digest</tt></td>
         </tr>
   
         <tr>
  -        <td align="LEFT">AuthName</td>
  +        <td align="left">AuthName</td>
   
  -        <td align="LEFT" valign="TOP" width="360">The
  +        <td align="left" valign="top" width="360">The
           authentication realm or name</td>
         </tr>
   
         <tr>
  -        <td align="LEFT">AuthDigestFile</td>
  +        <td align="left">AuthDigestFile</td>
   
  -        <td align="LEFT" valign="TOP" width="360">The location of
  +        <td align="left" valign="top" width="360">The location of
           the password file</td>
         </tr>
   
         <tr>
  -        <td align="LEFT">AuthDigestGroupFile</td>
  +        <td align="left">AuthDigestGroupFile</td>
   
  -        <td align="LEFT" valign="TOP" width="360">Location of the
  +        <td align="left" valign="top" width="360">Location of the
           group file, if any</td>
         </tr>
   
         <tr>
  -        <td align="LEFT">Require</td>
  +        <td align="left">Require</td>
   
  -        <td align="LEFT" valign="TOP" width="360">The
  -        requirement(s) which must be satisfied in order ot grant
  +        <td align="left" valign="top" width="360">The
  +        requirement(s) which must be satisfied in order to grant
           admission</td>
         </tr>
       </table>
  @@ -856,7 +856,7 @@
       BSDs, and Linux, they are exactly the same thing. You should
       pick whichever of the two modules makes the most sense on your
       particular platform of choice. If you do not have DB support on
  -    your platforn, you may need to install it. You download an
  +    your platform, you may need to install it. You download an
       implementation of DB at <tt>http://www.sleepycat.com/</tt>. <a
       id="11415" name="11415"></a></p>
   
  @@ -982,7 +982,7 @@
   
       <p>Passwords are stored in Unix <tt>crypt</tt> format, just as
       they were in the "regular" password files. The 'salt' that is
  -    created in the middle there is part of the process, cenerating
  +    created in the middle there is part of the process, generating
       a random starting point for that encryption. The technique
       being used is called a 'tied hash'. The idea is to tie a
       built-in data structure to the contents of the file, such that
  @@ -1078,7 +1078,8 @@
   
       <p>where <i>address</i> is an IP address (or a partial IP
       address) or a fully qualified domain name (or a partial domain
  -    name).</p>
  +    name); you may provide multiple addresses or domain names, if
  +    desired.</p>
   
       <p>For example, if you have someone spamming your message
       board, and you want to keep them out, you could do the
  @@ -1099,7 +1100,7 @@
       you can specify just part of an address or domain name:</p>
   <pre>
   deny from 192.101.205
  -deny from cyberthugs.com
  +deny from cyberthugs.com moreidiots.com
   deny from ke
   </pre>
   
  @@ -1148,14 +1149,14 @@
   &lt;/Directory&gt;
   </pre>
   
  -    <p>In this scenario, users will be let in ir they either have a
  +    <p>In this scenario, users will be let in if they either have a
       password, or if they are in the internal network.</p>
   
       <h1><a name="summary">Summary</a></h1>
   
       <p>The various authentication modules provide a number of ways
       to restrict access to your host based on the identity of the
  -    user. They offere a somewhat standard interface to this
  +    user. They offer a somewhat standard interface to this
       functionality, but provide different back-end mechanisms for
       actually authenticating the user.</p>
   
  @@ -1174,7 +1175,7 @@
         <dd>There are actually a number of implementations that get
         around this limitation. MLDBM is one of them, for example.
         However, for the purposes of this discussion, we'll just deal
  -      with standard Berkeley DB, which is likeley to have shipped
  +      with standard Berkeley DB, which is likely to have shipped
         with whatever operating system you are already running.</dd>
   
         <dt><a name="foot2">... file</a><a
  
  
  

Mime
View raw message