httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From n.@apache.org
Subject cvs commit: httpd-2.0/docs/manual/ssl ssl_howto.xml
Date Wed, 09 Oct 2002 01:16:07 GMT
nd          2002/10/08 18:16:07

  Modified:    docs/manual env.xml install.xml
               docs/manual/howto htaccess.xml
               docs/manual/misc rewriteguide.xml
               docs/manual/mod core.xml mod_auth_ldap.xml
                        mod_authn_anon.xml mod_authz_host.xml mod_info.xml
               docs/manual/ssl ssl_howto.xml
  Log:
  fix many links in respect to the aaa changes.
  Probably overlooked one or two ;-)
  
  Some files are left unmodified, since the parts there
  aren't clear or have to be (re-)written:
  
  ebcdic.xml
  new_features_2_0.xml
  upgrading.xml
  
  Revision  Changes    Path
  1.5       +3 -3      httpd-2.0/docs/manual/env.xml
  
  Index: env.xml
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/env.xml,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- env.xml	23 Aug 2002 23:21:32 -0000	1.4
  +++ env.xml	9 Oct 2002 01:16:06 -0000	1.5
  @@ -121,7 +121,7 @@
       
       <related>
         <modulelist>
  -        <module>mod_access</module>
  +        <module>mod_authz_host</module>
           <module>mod_cgi</module>
           <module>mod_ext_filter</module>
           <module>mod_headers</module>
  @@ -130,9 +130,9 @@
           <module>mod_rewrite</module>
         </modulelist>
         <directivelist>
  -        <directive module="mod_access">Allow</directive>
  +        <directive module="mod_authz_host">Allow</directive>
           <directive module="mod_log_config">CustomLog</directive>
  -        <directive module="mod_access">Deny</directive>
  +        <directive module="mod_authz_host">Deny</directive>
           <directive module="mod_ext_filter">ExtFilterDefine</directive>
           <directive module="mod_headers">Header</directive>
           <directive module="mod_log_config">LogFormat</directive>
  
  
  
  1.8       +1 -1      httpd-2.0/docs/manual/install.xml
  
  Index: install.xml
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/install.xml,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- install.xml	5 Oct 2002 16:06:45 -0000	1.7
  +++ install.xml	9 Oct 2002 01:16:06 -0000	1.8
  @@ -495,7 +495,7 @@
   <section id="dbm"><title>DBM</title>
   
       <p>Several Apache features, including
  -    <module>mod_auth_dbm</module> and <module>mod_rewrite</module>'s
  +    <module>mod_authn_dbm</module> and <module>mod_rewrite</module>'s
       DBM <directive module="mod_rewrite">RewriteMap</directive> use
       simple key/value databases for quick lookups of information.  Apache
       includes SDBM with its source-code, so this database is always
  
  
  
  1.4       +4 -3      httpd-2.0/docs/manual/howto/htaccess.xml
  
  Index: htaccess.xml
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/howto/htaccess.xml,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- htaccess.xml	5 Sep 2002 23:12:58 -0000	1.3
  +++ htaccess.xml	9 Oct 2002 01:16:06 -0000	1.4
  @@ -15,7 +15,8 @@
       <related>
           <modulelist>
               <module>core</module>
  -            <module>mod_auth</module>
  +            <module>mod_authn_file</module>
  +            <module>mod_authz_groupfile</module>
               <module>mod_cgi</module>
               <module>mod_include</module>
               <module>mod_mime</module>
  @@ -29,8 +30,8 @@
               <directive module="core">SetHandler</directive>
               <directive module="core">AuthType</directive>
               <directive module="core">AuthName</directive>
  -            <directive module="mod_auth">AuthUserFile</directive>
  -            <directive module="mod_auth">AuthGroupFile</directive>
  +            <directive module="mod_authn_file">AuthUserFile</directive>
  +            <directive module="mod_authz_groupfile">AuthGroupFile</directive>
               <directive module="core">Require</directive>
           </directivelist>
   
  
  
  
  1.3       +1 -1      httpd-2.0/docs/manual/misc/rewriteguide.xml
  
  Index: rewriteguide.xml
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/misc/rewriteguide.xml,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- rewriteguide.xml	29 Sep 2002 04:51:26 -0000	1.2
  +++ rewriteguide.xml	9 Oct 2002 01:16:06 -0000	1.3
  @@ -2061,7 +2061,7 @@
             instance a authentication which checks for a set of
             explicitly configured users. Only these should receive
             access and without explicit prompting (which would occur
  -          when using the Basic Auth via <module>mod_access</module>).</p>
  +          when using the Basic Auth via <module>mod_auth_basic</module>).</p>
           </dd>
   
           <dt>Solution:</dt>
  
  
  
  1.35      +14 -14    httpd-2.0/docs/manual/mod/core.xml
  
  Index: core.xml
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/mod/core.xml,v
  retrieving revision 1.34
  retrieving revision 1.35
  diff -u -r1.34 -r1.35
  --- core.xml	8 Oct 2002 18:40:36 -0000	1.34
  +++ core.xml	9 Oct 2002 01:16:06 -0000	1.35
  @@ -183,7 +183,7 @@
         Allow use of the authorization directives (<directive
         module="mod_authn_dbm">AuthDBMGroupFile</directive>,
         <directive module="mod_authn_dbm">AuthDBMUserFile</directive>,
  -      <directive module="mod_authn_file">AuthGroupFile</directive>,
  +      <directive module="mod_authz_groupfile">AuthGroupFile</directive>,
         <directive module="core">AuthName</directive>, 
         <directive module="core">AuthType</directive>, <directive
         module="mod_authn_file">AuthUserFile</directive>, <directive
  @@ -225,9 +225,9 @@
   
         <dd>
         Allow use of the directives controlling host access (<directive
  -      module="mod_access">Allow</directive>, <directive
  -      module="mod_access">Deny</directive> and <directive
  -      module="mod_access">Order</directive>).</dd>
  +      module="mod_authz_host">Allow</directive>, <directive
  +      module="mod_authz_host">Deny</directive> and <directive
  +      module="mod_authz_host">Order</directive>).</dd>
   
         <dt>Options</dt>
   
  @@ -267,8 +267,8 @@
       marks.  It must be accompanied by <directive
       module="core">AuthType</directive> and <directive
       module="core">Require</directive> directives, and directives such
  -    as <directive module="mod_auth">AuthUserFile</directive> and
  -    <directive module="mod_auth">AuthGroupFile</directive> to
  +    as <directive module="mod_authn_file">AuthUserFile</directive> and
  +    <directive module="mod_authz_groupfile">AuthGroupFile</directive> to
       work.</p>
   
      <p>For example:</p>
  @@ -301,8 +301,8 @@
        It must be accompanied by <directive
        module="core">AuthName</directive> and <directive
        module="core">Require</directive> directives, and directives such
  -     as <directive module="mod_auth">AuthUserFile</directive> and
  -     <directive module="mod_auth">AuthGroupFile</directive> to
  +     as <directive module="mod_authn_file">AuthUserFile</directive> and
  +     <directive module="mod_authz_groupfile">AuthGroupFile</directive> to
        work.</p>
   </usage>
   <seealso><a href="../howto/auth.html">Authentication, Authorization,
  @@ -947,7 +947,7 @@
       address. (In "tcpwrappers" terminology this is called
       <code>PARANOID</code>.)</p>
   
  -    <p>Regardless of the setting, when <module>mod_access</module> is
  +    <p>Regardless of the setting, when <module>mod_authz_host</module>
is
       used for controlling access by hostname, a double reverse lookup
       will be performed.  This is necessary for security. Note that the
       result of this double-reverse isn't generally available unless you
  @@ -2002,8 +2002,8 @@
       <p><directive>Require</directive> must be accompanied by
       <directive module="core">AuthName</directive> and <directive
       module="core">AuthType</directive> directives, and directives such
  -    as <directive module="mod_auth">AuthUserFile</directive>
  -    and <directive module="mod_auth">AuthGroupFile</directive> (to
  +    as <directive module="mod_authn_file">AuthUserFile</directive>
  +    and <directive module="mod_authz_groupfile">AuthGroupFile</directive> (to
       define users and groups) in order to work correctly. Example:</p>
   
       <example>
  @@ -2023,7 +2023,7 @@
       section.</p>
   </usage>
   <seealso><directive module="core">Satisfy</directive></seealso>
  -<seealso><module>mod_access</module></seealso>
  +<seealso><module>mod_authz_host</module></seealso>
   </directivesynopsis>
   
   <directivesynopsis>
  @@ -2143,7 +2143,7 @@
   
   <usage>
       <p>Access policy if both <directive
  -    module="core">Allow</directive> and <directive
  +    module="mod_authz_host">Allow</directive> and <directive
       module="core">Require</directive> used. The parameter can be
       either <var>all</var> or <var>any</var>. This directive is
only
       useful if access to a particular area is being restricted by both
  @@ -2168,7 +2168,7 @@
       </example>
      
   </usage>
  -   <seealso><directive module="mod_access">Allow</directive></seealso>
  +   <seealso><directive module="mod_authz_host">Allow</directive></seealso>
      <seealso><directive module="core">Require</directive></seealso>
   </directivesynopsis>
   
  
  
  
  1.6       +10 -12    httpd-2.0/docs/manual/mod/mod_auth_ldap.xml
  
  Index: mod_auth_ldap.xml
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/mod/mod_auth_ldap.xml,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- mod_auth_ldap.xml	19 Sep 2002 18:14:25 -0000	1.5
  +++ mod_auth_ldap.xml	9 Oct 2002 01:16:06 -0000	1.6
  @@ -58,19 +58,14 @@
   
           <ul>
             <li><a href="#reqvaliduser">require valid-user</a></li>
  -
             <li><a href="#requser">require user</a></li>
  -
             <li><a href="#reqgroup">require group</a></li>
  -
             <li><a href="#reqdn">require dn</a></li>
           </ul>
         </li>
   
         <li><a href="#examples">Examples</a></li>
  -
         <li><a href="#usingtls">Using TLS</a></li>
  -
         <li><a href="#usingssl">Using SSL</a></li>
   
         <li>
  @@ -79,7 +74,6 @@
   
           <ul>
             <li><a href="#howitworks">How It Works</a></li>
  -
             <li><a href="#fpcaveats">Caveats</a></li>
           </ul>
         </li>
  @@ -447,7 +441,8 @@
       FrontPage with mod_auth_ldap</title>
   
       <p>Normally, FrontPage uses FrontPage-web-specific user/group
  -    files (i.e., the <module>mod_auth</module> module) to handle all
  +    files (i.e., the <module>mod_authn_file</module> and
  +    <module>mod_authz_groupfile</module> modules) to handle all
       authentication. Unfortunately, it is not possible to just
       change to LDAP authentication by adding the proper directives,
       because it will break the <em>Permissions</em> forms in
  @@ -496,8 +491,8 @@
       <ul>
         <li>When choosing the LDAP URL, the attribute to use for
         authentication should be something that will also be valid
  -      for putting into a <module>mod_auth</module> user file. The user ID is
  -      ideal for this.</li>
  +      for putting into a <module>mod_authn_file</module> user file.
  +      The user ID is ideal for this.</li>
   
         <li>When adding users via FrontPage, FrontPage administrators
         should choose usernames that already exist in the LDAP
  @@ -507,9 +502,12 @@
         LDAP database, and not against the password in the local user
         file. This could cause confusion for web administrators.</li>
   
  -      <li>Apache must be compiled with <module>mod_auth</module> in order
to
  +      <!-- XXX is that true? was mod_auth before the aaa change -->
  +      <li>Apache must be compiled with <module>mod_auth_basic</module>,
  +      <module>mod_authn_file</module> and
  +      <module>mod_authz_groupfile</module> in order to
         use FrontPage support. This is because Apache will still use
  -      the <module>mod_auth</module> group file for determine the extent of
a
  +      the <module>mod_authz_groupfile</module> group file for determine the
extent of a
         user's access to the FrontPage web.</li>
   
         <li>The directives must be put in the <code>.htaccess</code>
  @@ -517,7 +515,7 @@
         type="section">Location</directive> or <directive module="core"
         type="section">Directory</directive> directives won't work. This
         is because <module>mod_auth_ldap</module> has to be able to grab
  -      the <directive module="mod_auth">AuthUserFile</directive>
  +      the <directive module="mod_authn_file">AuthUserFile</directive>
         directive that is found in FrontPage <code>.htaccess</code>
         files so that it knows where to look for the valid user list. If
         the <module>mod_auth_ldap</module> directives aren't in the same
  
  
  
  1.2       +1 -1      httpd-2.0/docs/manual/mod/mod_authn_anon.xml
  
  Index: mod_authn_anon.xml
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/mod/mod_authn_anon.xml,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- mod_authn_anon.xml	7 Oct 2002 08:46:31 -0000	1.1
  +++ mod_authn_anon.xml	9 Oct 2002 01:16:06 -0000	1.2
  @@ -67,7 +67,7 @@
         AuthType basic<br />
   <br />
          # An
  -      AuthUserFile/AuthDBUserFile/AuthDBMUserFile<br />
  +      AuthUserFile/AuthDBMUserFile<br />
          # directive must be specified, or use<br />
          # Anonymous_Authoritative for public access.<br />
          # In the .htaccess for the public directory, add:<br />
  
  
  
  1.2       +7 -7      httpd-2.0/docs/manual/mod/mod_authz_host.xml
  
  Index: mod_authz_host.xml
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/mod/mod_authz_host.xml,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- mod_authz_host.xml	7 Oct 2002 08:46:31 -0000	1.1
  +++ mod_authz_host.xml	9 Oct 2002 01:16:06 -0000	1.2
  @@ -14,13 +14,13 @@
   <compatibility>Available in Apache 2.0.44 and later</compatibility>
   
   <summary>
  -    <p>The directives provided by mod_authz_host are used in <directive
  -    module="core" type="section">Directory</directive>, <directive
  -    module="core" type="section">Files</directive>, and <directive
  -    module="core" type="section">Location</directive> sections as well as
  -    <code><a href="core.html#accessfilename">.htaccess</a></code>
  -    files to control access to particular parts of the server. Access
  -    can be controlled based on the client hostname, IP address, or
  +    <p>The directives provided by <module>mod_authz_host</module> are
  +    used in <directive module="core" type="section">Directory</directive>,
  +    <directive module="core" type="section">Files</directive>, and
  +    <directive module="core" type="section">Location</directive> sections
  +    as well as <code><a href="core.html#accessfilename">.htaccess</a>
  +    </code> files to control access to particular parts of the server.
  +    Access can be controlled based on the client hostname, IP address, or
       other characteristics of the client request, as captured in <a
       href="../env.html">environment variables</a>. The <directive
       module="mod_authz_host">Allow</directive> and <directive
  
  
  
  1.8       +6 -4      httpd-2.0/docs/manual/mod/mod_info.xml
  
  Index: mod_info.xml
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/mod/mod_info.xml,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- mod_info.xml	7 Oct 2002 08:46:31 -0000	1.7
  +++ mod_info.xml	9 Oct 2002 01:16:06 -0000	1.8
  @@ -25,7 +25,7 @@
       <p>You may wish to add a 
       <directive module="core">&lt;Limit&gt;</directive> 
       clause inside the 
  -    <directive module="core">&lt;location&gt;</directive>
  +    <directive module="core">&lt;Location&gt;</directive>
       directive to limit access to your server configuration 
       information.</p>
   
  @@ -74,9 +74,11 @@
       the module <em>module-name</em>. Example:</p>
   
   <example>
  -AddModuleInfo mod_authn_file.c 'See &lt;A \<br />
  -  HREF="http://www.apache.org/docs-2.0/mod/mod_authn_file.html"&gt;\<br />
  -  http://www.apache.org/docs-2.0/mod/mod_authn_file.html&lt;/A&gt;'
  +  AddModuleInfo mod_authn_file.c 'See &lt;a \<br />
  +  <indent>
  +    href="http://www.apache.org/docs-2.0/mod/mod_authn_file.html"&gt;\<br />
  +    http://www.apache.org/docs-2.0/mod/mod_authn_file.html&lt;/a&gt;'
  +  </indent>
   </example>
   </usage>
   
  
  
  
  1.2       +10 -8     httpd-2.0/docs/manual/ssl/ssl_howto.xml
  
  Index: ssl_howto.xml
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/ssl/ssl_howto.xml,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- ssl_howto.xml	29 Sep 2002 00:11:28 -0000	1.1
  +++ ssl_howto.xml	9 Oct 2002 01:16:06 -0000	1.2
  @@ -156,14 +156,14 @@
       <p>The key is to check for various ingredients of the client certficate.
       Usually this means to check the whole or part of the Distinguished
       Name (DN) of the Subject. For this two methods exists: The <module
  -    >mod_auth</module> based variant and the <directive module="mod_ssl"
  -    >SSLRequire</directive> variant. The first method is good when the
  -    clients are of totally different type, i.e. when their DNs have no
  -    common fields (usually the organisation, etc.). In this case you've
  -    to establish a password database containing <em>all</em> clients. The
  -    second method is better when your clients are all part of a common
  -    hierarchy which is encoded into the DN. Then you can match them more
  -    easily.</p>
  +    >mod_auth_basic</module> based variant and the <directive
  +    module="mod_ssl">SSLRequire</directive> variant. The first method is
  +    good when the clients are of totally different type, i.e. when their
  +    DNs have no common fields (usually the organisation, etc.). In this
  +    case you've to establish a password database containing <em>all</em>
  +    clients. The second method is better when your clients are all part of
  +    a common hierarchy which is encoded into the DN. Then you can match
  +    them more easily.</p>
   
       <p>The first method:</p>
       <example><title>httpd.conf</title><pre>
  @@ -178,6 +178,7 @@
   SSLRequireSSL
   AuthName             "Snake Oil Authentication"
   AuthType             Basic
  +AuthBasicProvider    file
   AuthUserFile         /usr/local/apache2/conf/httpd.passwd
   require              valid-user
   &lt;/Directory&gt;</pre>
  @@ -256,6 +257,7 @@
   #   HTTP Basic Authentication
   AuthType             basic
   AuthName             "Protected Intranet Area"
  +AuthBasicProvider    file
   AuthUserFile         conf/protected.passwd
   Require              valid-user
   &lt;/Directory&gt;</pre>
  
  
  

Mime
View raw message