httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From n.@apache.org
Subject cvs commit: httpd-2.0/docs/manual/mod mod_auth_dbm.html.en mod_auth_dbm.xml quickreference.html.en
Date Thu, 12 Dec 2002 06:38:47 GMT
nd          2002/12/11 22:38:47

  Modified:    docs/manual/mod Tag: APACHE_2_0_BRANCH mod_auth_dbm.html.en
                        mod_auth_dbm.xml quickreference.html.en
  Log:
  markup, reformatting, nitpicking
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.12.2.3  +40 -43    httpd-2.0/docs/manual/mod/Attic/mod_auth_dbm.html.en
  
  Index: mod_auth_dbm.html.en
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/mod/Attic/mod_auth_dbm.html.en,v
  retrieving revision 1.12.2.2
  retrieving revision 1.12.2.3
  diff -u -r1.12.2.2 -r1.12.2.3
  --- mod_auth_dbm.html.en	11 Dec 2002 21:53:34 -0000	1.12.2.2
  +++ mod_auth_dbm.html.en	12 Dec 2002 06:38:46 -0000	1.12.2.3
  @@ -53,49 +53,47 @@
   <table class="directive">
   <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets
whether authentication and authorization will be
   passwed on to lower level modules</td></tr>
  -<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDBMAuthoritative
on|off</code></td></tr>
  -<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthDBMAuthoritative
on</code></td></tr>
  +<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDBMAuthoritative
On|Off</code></td></tr>
  +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthDBMAuthoritative
On</code></td></tr>
   <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory,
.htaccess</td></tr>
   <tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
   <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
   <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_dbm</td></tr>
   </table>
  -
  -<div class="note">This information has not been updated to take into account the
  -new module ordering techniques in Apache 2.0</div>
  -
       <p>Setting the <code class="directive">AuthDBMAuthoritative</code>
  -    directive explicitly to <strong>'off'</strong> allows for both
  +    directive explicitly to <code>Off</code> allows for both
       authentication and authorization to be passed on to lower level
  -    modules (as defined in the <code>Configuration</code> and
  -    <code>modules.c</code> file if there is <strong>no userID</strong>
  -    or <strong>rule</strong> matching the supplied userID. If there is
  -    a userID and/or rule specified; the usual password and access
  -    checks will be applied and a failure will give an Authorization
  -    Required reply.</p>
  +    modules (as defined in the <code>modules.c</code> files) if there
  +    is <strong>no userID</strong> or <strong>rule</strong> matching
the
  +    supplied userID. If there is a userID and/or rule specified; the
  +    usual password and access checks will be applied and a failure will
  +    give an "Authentication Required" reply.</p>
   
       <p>So if a userID appears in the database of more than one module;
       or if a valid <code class="directive"><a href="../mod/core.html#require">Require</a></code>
       directive applies to more than one module; then the first module
       will verify the credentials; and no access is passed on;
  -    regardless of the <code class="directive">AuthAuthoritative</code> setting.</p>
  +    regardless of the <code class="directive">AuthDBMAuthoritative</code>
  +    setting.</p>
   
       <p>A common use for this is in conjunction with one of the
       basic auth modules; such as <code class="module"><a href="../mod/mod_auth.html">mod_auth</a></code>.
Whereas this
       DBM module supplies the bulk of the user credential checking; a
       few (administrator) related accesses fall through to a lower
  -    level with a well protected .htpasswd file.</p>
  +    level with a well protected <code>.htpasswd</code> file.</p>
   
       <p>By default, control is not passed on and an unknown userID
  -    or rule will result in an Authorization Required reply. Not
  +    or rule will result in an "Authentication Required" reply. Not
       setting it thus keeps the system secure and forces an NCSA
       compliant behaviour.</p>
   
  -    <p>Security: Do consider the implications of allowing a user to
  -    allow fall-through in his .htaccess file; and verify that this
  -    is really what you want; Generally it is easier to just secure
  -    a single .htpasswd file, than it is to secure a database which
  -    might have more access interfaces.</p>
  +    <div class="warning"><h3>Security:</h3>
  +      <p>Do consider the implications of allowing a user to allow
  +      fall-through in his <code>.htaccess</code> file; and verify that this
  +      is really what you want; Generally it is easier to just secure
  +      a single <code>.htpasswd</code> file, than it is to secure a
  +      database which might have more access interfaces.</p>
  +    </div>
   
   </div>
   <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
  @@ -146,12 +144,11 @@
         <var>Unix Crypt-ed Password</var>:<var>List of Groups</var>[:(ignored)]
       </code></p></div>
   
  -    <p>The password section contains the Unix <code>crypt()</code>
  -    password as before. This is followed by a colon and the comma
  -    separated list of groups. Other data may optionally be left in the
  -    DBM file after another colon; it is ignored by the authentication
  -    module. This is what www.telescope.org uses for its combined
  -    password and group database.</p>
  +    <p>The password section contains the encrypted password as before.
  +    This is followed by a colon and the comma separated list of groups.
  +    Other data may optionally be left in the DBM file after another colon;
  +    it is ignored by the authentication module. This is what
  +    www.telescope.org uses for its combined password and group database.</p>
   
   </div>
   <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
  @@ -167,14 +164,13 @@
   <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_dbm</td></tr>
   <tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available
in version 2.0.30 and later.</td></tr>
   </table>
  +    <p>Sets the type of database file that is used to store the passwords.
  +    The default database type is determined at compile time.  The
  +    availability of other types of database files also depends on
  +    <a href="../install.html#dbm">compile-time settings</a>.</p>
   
  -<p>Sets the type of database file that is used to store the passwords.
  -The default database type is determined at compile time.  The
  -availability of other types of database files also depends on
  -<a href="../install.html#dbm">compile-time settings</a>.</p>
  -
  -<p>It is crucial that whatever program you use to create your password
  -files is configured to use the same type of database.</p>
  +    <p>It is crucial that whatever program you use to create your password
  +    files is configured to use the same type of database.</p>
   
   </div>
   <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
  @@ -194,15 +190,16 @@
       the user file.</p>
   
       <p>The user file is keyed on the username. The value for a user is
  -    the <code>crypt()</code> encrypted password, optionally followed
  -    by a colon and arbitrary data. The colon and the data following it
  -    will be ignored by the server.</p>
  -
  -    <p>Security: make sure that the
  -    <code class="directive">AuthDBMUserFile</code> is stored outside the
  -    document tree of the web-server; do <em>not</em> put it in the
  -    directory that it protects. Otherwise, clients will be able to
  -    download the <code class="directive">AuthDBMUserFile</code>.</p>
  +    the encrypted password, optionally followed by a colon and arbitrary
  +    data. The colon and the data following it will be ignored by the
  +    server.</p>
  +
  +    <div class="warning"><h3>Security:</h3>
  +      <p>Make sure that the <code class="directive">AuthDBMUserFile</code>
is stored
  +      outside the document tree of the web-server; do <em>not</em> put it in
  +      the directory that it protects. Otherwise, clients will be able to
  +      download the <code class="directive">AuthDBMUserFile</code>.</p>
  +    </div>
   
       <p>Important compatibility note: The implementation of
       "dbmopen" in the apache modules reads the string length of the
  
  
  
  1.5.2.2   +40 -43    httpd-2.0/docs/manual/mod/Attic/mod_auth_dbm.xml
  
  Index: mod_auth_dbm.xml
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/mod/Attic/mod_auth_dbm.xml,v
  retrieving revision 1.5.2.1
  retrieving revision 1.5.2.2
  diff -u -r1.5.2.1 -r1.5.2.2
  --- mod_auth_dbm.xml	2 Dec 2002 19:32:07 -0000	1.5.2.1
  +++ mod_auth_dbm.xml	12 Dec 2002 06:38:46 -0000	1.5.2.2
  @@ -70,12 +70,11 @@
         <var>Unix Crypt-ed Password</var>:<var>List of Groups</var>[:(ignored)]
       </example>
   
  -    <p>The password section contains the Unix <code>crypt()</code>
  -    password as before. This is followed by a colon and the comma
  -    separated list of groups. Other data may optionally be left in the
  -    DBM file after another colon; it is ignored by the authentication
  -    module. This is what www.telescope.org uses for its combined
  -    password and group database.</p>
  +    <p>The password section contains the encrypted password as before.
  +    This is followed by a colon and the comma separated list of groups.
  +    Other data may optionally be left in the DBM file after another colon;
  +    it is ignored by the authentication module. This is what
  +    www.telescope.org uses for its combined password and group database.</p>
   </usage>
   </directivesynopsis>
   
  @@ -95,15 +94,16 @@
       the user file.</p>
   
       <p>The user file is keyed on the username. The value for a user is
  -    the <code>crypt()</code> encrypted password, optionally followed
  -    by a colon and arbitrary data. The colon and the data following it
  -    will be ignored by the server.</p>
  -
  -    <p>Security: make sure that the
  -    <directive>AuthDBMUserFile</directive> is stored outside the
  -    document tree of the web-server; do <em>not</em> put it in the
  -    directory that it protects. Otherwise, clients will be able to
  -    download the <directive>AuthDBMUserFile</directive>.</p>
  +    the encrypted password, optionally followed by a colon and arbitrary
  +    data. The colon and the data following it will be ignored by the
  +    server.</p>
  +
  +    <note type="warning"><title>Security:</title>
  +      <p>Make sure that the <directive>AuthDBMUserFile</directive> is
stored
  +      outside the document tree of the web-server; do <em>not</em> put it in
  +      the directory that it protects. Otherwise, clients will be able to
  +      download the <directive>AuthDBMUserFile</directive>.</p>
  +    </note>
   
       <p>Important compatibility note: The implementation of
       "dbmopen" in the apache modules reads the string length of the
  @@ -133,14 +133,13 @@
   <compatibility>Available in version 2.0.30 and later.</compatibility>
   
   <usage>
  +    <p>Sets the type of database file that is used to store the passwords.
  +    The default database type is determined at compile time.  The
  +    availability of other types of database files also depends on
  +    <a href="../install.html#dbm">compile-time settings</a>.</p>
   
  -<p>Sets the type of database file that is used to store the passwords.
  -The default database type is determined at compile time.  The
  -availability of other types of database files also depends on
  -<a href="../install.html#dbm">compile-time settings</a>.</p>
  -
  -<p>It is crucial that whatever program you use to create your password
  -files is configured to use the same type of database.</p>
  +    <p>It is crucial that whatever program you use to create your password
  +    files is configured to use the same type of database.</p>
   </usage>
   </directivesynopsis>
   
  @@ -148,49 +147,47 @@
   <name>AuthDBMAuthoritative</name>
   <description>Sets whether authentication and authorization will be
   passwed on to lower level modules</description>
  -<syntax>AuthDBMAuthoritative on|off</syntax>
  -<default>AuthDBMAuthoritative on</default>
  +<syntax>AuthDBMAuthoritative On|Off</syntax>
  +<default>AuthDBMAuthoritative On</default>
   <contextlist><context>directory</context><context>.htaccess</context>
   </contextlist>
   <override>AuthConfig</override>
   
   <usage>
  -
  -<note>This information has not been updated to take into account the
  -new module ordering techniques in Apache 2.0</note>
  -
       <p>Setting the <directive>AuthDBMAuthoritative</directive>
  -    directive explicitly to <strong>'off'</strong> allows for both
  +    directive explicitly to <code>Off</code> allows for both
       authentication and authorization to be passed on to lower level
  -    modules (as defined in the <code>Configuration</code> and
  -    <code>modules.c</code> file if there is <strong>no userID</strong>
  -    or <strong>rule</strong> matching the supplied userID. If there is
  -    a userID and/or rule specified; the usual password and access
  -    checks will be applied and a failure will give an Authorization
  -    Required reply.</p>
  +    modules (as defined in the <code>modules.c</code> files) if there
  +    is <strong>no userID</strong> or <strong>rule</strong> matching
the
  +    supplied userID. If there is a userID and/or rule specified; the
  +    usual password and access checks will be applied and a failure will
  +    give an "Authentication Required" reply.</p>
   
       <p>So if a userID appears in the database of more than one module;
       or if a valid <directive module="core">Require</directive>
       directive applies to more than one module; then the first module
       will verify the credentials; and no access is passed on;
  -    regardless of the <directive>AuthAuthoritative</directive> setting.</p>
  +    regardless of the <directive>AuthDBMAuthoritative</directive>
  +    setting.</p>
   
       <p>A common use for this is in conjunction with one of the
       basic auth modules; such as <module>mod_auth</module>. Whereas this
       DBM module supplies the bulk of the user credential checking; a
       few (administrator) related accesses fall through to a lower
  -    level with a well protected .htpasswd file.</p>
  +    level with a well protected <code>.htpasswd</code> file.</p>
   
       <p>By default, control is not passed on and an unknown userID
  -    or rule will result in an Authorization Required reply. Not
  +    or rule will result in an "Authentication Required" reply. Not
       setting it thus keeps the system secure and forces an NCSA
       compliant behaviour.</p>
   
  -    <p>Security: Do consider the implications of allowing a user to
  -    allow fall-through in his .htaccess file; and verify that this
  -    is really what you want; Generally it is easier to just secure
  -    a single .htpasswd file, than it is to secure a database which
  -    might have more access interfaces.</p>
  +    <note type="warning"><title>Security:</title>
  +      <p>Do consider the implications of allowing a user to allow
  +      fall-through in his <code>.htaccess</code> file; and verify that this
  +      is really what you want; Generally it is easier to just secure
  +      a single <code>.htpasswd</code> file, than it is to secure a
  +      database which might have more access interfaces.</p>
  +    </note>
   </usage>
   </directivesynopsis>
   
  
  
  
  1.47.2.10 +1 -1      httpd-2.0/docs/manual/mod/quickreference.html.en
  
  Index: quickreference.html.en
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/mod/quickreference.html.en,v
  retrieving revision 1.47.2.9
  retrieving revision 1.47.2.10
  diff -u -r1.47.2.9 -r1.47.2.10
  --- quickreference.html.en	12 Dec 2002 06:15:11 -0000	1.47.2.9
  +++ quickreference.html.en	12 Dec 2002 06:38:46 -0000	1.47.2.10
  @@ -127,7 +127,7 @@
   <tr><td><a href="perchild.html#assignuserid">AssignUserID <var>user_id</var>
<var>group_id</var></a></td><td /><td>v</td><td>M</td></tr><tr><td
class="descr" colspan="4">-</td></tr>
   <tr class="odd"><td><a href="mod_auth.html#authauthoritative">AuthAuthoritative
On|Off</a></td><td> On </td><td>dh</td><td>B</td></tr><tr
class="odd"><td class="descr" colspan="4">Sets whether authorization and authentication
are
   passed to lower level modules</td></tr>
  -<tr><td><a href="mod_auth_dbm.html#authdbmauthoritative">AuthDBMAuthoritative
on|off</a></td><td> on </td><td>dh</td><td>E</td></tr><tr><td
class="descr" colspan="4">Sets whether authentication and authorization will be
  +<tr><td><a href="mod_auth_dbm.html#authdbmauthoritative">AuthDBMAuthoritative
On|Off</a></td><td> On </td><td>dh</td><td>E</td></tr><tr><td
class="descr" colspan="4">Sets whether authentication and authorization will be
   passwed on to lower level modules</td></tr>
   <tr class="odd"><td><a href="mod_auth_dbm.html#authdbmgroupfile">AuthDBMGroupFile
<var>file-path</var></a></td><td /><td>dh</td><td>E</td></tr><tr
class="odd"><td class="descr" colspan="4">Sets the name of the database file containing
the list
   of user groups for authentication</td></tr>
  
  
  

Mime
View raw message