httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bnicho...@apache.org
Subject svn commit: r366519 - in /httpd/httpd/branches/authz-dev/docs/manual/mod: mod_authn_alias.xml mod_authnz_ldap.xml mod_authz_dbd.xml mod_authz_dbm.xml mod_authz_groupfile.xml mod_authz_owner.xml mod_authz_user.xml mod_ldap.xml
Date Fri, 06 Jan 2006 16:15:22 GMT
Author: bnicholes
Date: Fri Jan  6 08:15:13 2006
New Revision: 366519

URL: http://svn.apache.org/viewcvs?rev=366519&view=rev
Log:
Remove the references to all of the AuthzXXXAuthoritative directives in the documentation
since these directives no longer exist

Modified:
    httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authn_alias.xml
    httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authnz_ldap.xml
    httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_dbd.xml
    httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_dbm.xml
    httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_groupfile.xml
    httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_owner.xml
    httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_user.xml
    httpd/httpd/branches/authz-dev/docs/manual/mod/mod_ldap.xml

Modified: httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authn_alias.xml
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authn_alias.xml?rev=366519&r1=366518&r2=366519&view=diff
==============================================================================
--- httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authn_alias.xml (original)
+++ httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authn_alias.xml Fri Jan  6 08:15:13
2006
@@ -76,7 +76,6 @@
     
          AuthType Basic<br />
          AuthName LDAP_Protected_Place<br />
-         AuthzLDAPAuthoritative off<br />
          require valid-user<br />
       </indent>
       &lt;/Directory&gt;<br />

Modified: httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authnz_ldap.xml
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authnz_ldap.xml?rev=366519&r1=366518&r2=366519&view=diff
==============================================================================
--- httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authnz_ldap.xml (original)
+++ httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authnz_ldap.xml Fri Jan  6 08:15:13
2006
@@ -301,9 +301,7 @@
     <p>If this directive exists, <module>mod_authnz_ldap</module> grants
     access to any user that has successfully authenticated during the
     search/bind phase.  Requires that <module>mod_authz_user</module> be 
-    loaded and that the 
-    <directive module="mod_authnz_ldap">AuthzLDAPAuthoritative</directive>
-    directive be set to off.</p>
+    loaded.</p>
 </section>
 
 <section id="requser"><title>require ldap-user</title>
@@ -573,17 +571,10 @@
     that gets created in the web</p>
 <example><pre>
 AuthLDAPURL            "the url"
-AuthzLDAPAuthoritative off
 AuthGroupFile <em>mygroupfile</em>
 require group <em>mygroupfile</em>
 </pre></example>
 
-    <p><directive module="mod_authnz_ldap">AuthzLDAPAuthoritative</directive>

-    must be off to allow <module>mod_authnz_ldap</module> to decline group
-    authentication so that Apache will fall back to file
-    authentication for checking group membership. This allows the
-    FrontPage-managed group file to be used.</p>
-
 <section id="howitworks"><title>How It Works</title>
 
     <p>FrontPage restricts access to a web by adding the <code>require
@@ -642,25 +633,6 @@
     </ul>
 </section>
 </section>
-
-<directivesynopsis>
-<name>AuthzLDAPAuthoritative</name>
-<description>Prevent other authentication modules from
-authenticating the user if this one fails</description>
-<syntax>AuthzLDAPAuthoritative on|off</syntax>
-<default>AuthzLDAPAuthoritative on</default>
-<contextlist><context>directory</context><context>.htaccess</context>
-</contextlist>
-<override>AuthConfig</override>
-
-<usage>
-    <p>Set to <code>off</code> if this module should let other
-    authentication modules attempt to authenticate the user, should
-    authentication with this module fail. Control is only passed on
-    to lower modules if there is no DN or rule that matches the
-    supplied user name (as passed by the client).</p>
-</usage>
-</directivesynopsis>
 
 <directivesynopsis>
 <name>AuthLDAPBindDN</name>

Modified: httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_dbd.xml
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_dbd.xml?rev=366519&r1=366518&r2=366519&view=diff
==============================================================================
--- httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_dbd.xml (original)
+++ httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_dbd.xml Fri Jan  6 08:15:13 2006
@@ -182,40 +182,4 @@
 </usage>
 </directivesynopsis>
 
-<directivesynopsis>
-<name>AuthzDBDAuthoritative</name>
-<description>Sets whether authorization will be passed on to lower level
-modules</description>
-<syntax>AuthzDBDAuthoritative On|Off</syntax>
-<default>AuthzDBDAuthoritative On</default>
-<contextlist><context>directory</context></contextlist>
-
-<usage>
-    <p>Setting the <directive>AuthzDBDAuthoritative</directive>
-    directive explicitly to <code>Off</code> allows group authorization
-    to be handled by another authz module if the userID is not
-    in any authorized dbd-group. If there are any groups
-    specified, the usual checks will be applied and a failure will
-    give an Authentication Required reply.</p>
-
-    <p>So if a userID appears in the database of more than one module;
-    or if a valid <directive module="core">Require</directive>
-    directive applies to more than one module; then the first module
-    will verify the credentials; and no access is passed on;
-    regardless of the <directive>AuthAuthoritative</directive> setting.</p>
-
-    <p>A common use for this is in conjunction with one of the
-    auth providers; such or
-    <module>mod_authn_file</module>. Whereas this DBD module supplies
-    the bulk of the user credential checking; a few (administrator) related
-    accesses fall through to a lower level with a well protected
-    <code>.htpasswd</code> file.</p>
-
-    <p>By default, control is not passed on and an unknown group
-    will result in an Authentication Required reply. Not
-    setting it thus keeps the system secure and forces an NCSA
-    compliant behaviour.</p>
-</usage>
-</directivesynopsis>
-
 </modulesynopsis>

Modified: httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_dbm.xml
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_dbm.xml?rev=366519&r1=366518&r2=366519&view=diff
==============================================================================
--- httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_dbm.xml (original)
+++ httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_dbm.xml Fri Jan  6 08:15:13 2006
@@ -119,51 +119,4 @@
 </usage>
 </directivesynopsis>
 
-<directivesynopsis>
-<name>AuthzDBMAuthoritative</name>
-<description>Sets whether authorization will be passed on to lower level
-modules</description>
-<syntax>AuthzDBMAuthoritative On|Off</syntax>
-<default>AuthzDBMAuthoritative On</default>
-<contextlist><context>directory</context><context>.htaccess</context>
-</contextlist>
-<override>AuthConfig</override>
-
-<usage>
-    <p>Setting the <directive>AuthzDBMAuthoritative</directive>
-    directive explicitly to <code>Off</code> allows group authorization
-    to be passed on to lower level modules (as defined in the
-    <code>modules.c</code> file) if there is no group found
-    for the the supplied userID. If there are any groups
-    specified, the usual checks will be applied and a failure will
-    give an Authentication Required reply.</p>
-
-    <p>So if a userID appears in the database of more than one module;
-    or if a valid <directive module="core">Require</directive>
-    directive applies to more than one module; then the first module
-    will verify the credentials; and no access is passed on;
-    regardless of the <directive>AuthAuthoritative</directive> setting.</p>
-
-    <p>A common use for this is in conjunction with one of the
-    auth providers; such as <module>mod_authn_dbm</module> or
-    <module>mod_authn_file</module>. Whereas this DBM module supplies
-    the bulk of the user credential checking; a few (administrator) related
-    accesses fall through to a lower level with a well protected
-    <code>.htpasswd</code> file.</p>
-
-    <p>By default, control is not passed on and an unknown group
-    will result in an Authentication Required reply. Not
-    setting it thus keeps the system secure and forces an NCSA
-    compliant behaviour.</p>
-
-    <note type="warning"><title>Security</title>
-      <p>Do consider the implications of allowing a user to
-      allow fall-through in his .htaccess file; and verify that this
-      is really what you want; Generally it is easier to just secure
-      a single <code>.htpasswd</code> file, than it is to secure a
-      database which might have more access interfaces.</p>
-    </note>
-</usage>
-</directivesynopsis>
-
 </modulesynopsis>

Modified: httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_groupfile.xml
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_groupfile.xml?rev=366519&r1=366518&r2=366519&view=diff
==============================================================================
--- httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_groupfile.xml (original)
+++ httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_groupfile.xml Fri Jan  6 08:15:13
2006
@@ -75,36 +75,4 @@
 </usage>
 </directivesynopsis>
 
-<directivesynopsis>
-<name>AuthzGroupFileAuthoritative</name>
-<description>Sets whether authorization will be passed on to lower level
-modules</description>
-<syntax>AuthzGroupFileAuthoritative On|Off</syntax>
-<default>AuthzGroupFileAuthoritative On</default>
-<contextlist><context>directory</context><context>.htaccess</context>
-</contextlist>
-<override>AuthConfig</override>
-
-<usage>
-    <p>Setting the <directive>AuthzGroupFileAuthoritative</directive>
-    directive explicitly to <code>Off</code> allows for
-    group authorization to be passed on to lower level modules (as defined
-    in the <code>modules.c</code> files) if there is <strong>no
-    group</strong> matching the supplied userID.</p>
-
-    <p>By default, control is not passed on and an unknown group
-    will result in an Authentication Required reply. Not
-    setting it thus keeps the system secure and forces an NCSA
-    compliant behaviour.</p>
-
-    <note type="warning"><title>Security</title>
-      <p>Do consider the implications of allowing a user to
-      allow fall-through in his <code>.htaccess</code> file; and verify
-      that this is really what you want; Generally it is easier to just
-      secure a single <code>.htpasswd</code> file, than it is to secure
-      a database which might have more access interfaces.</p>
-    </note>
-</usage>
-</directivesynopsis>
-
 </modulesynopsis>

Modified: httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_owner.xml
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_owner.xml?rev=366519&r1=366518&r2=366519&view=diff
==============================================================================
--- httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_owner.xml (original)
+++ httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_owner.xml Fri Jan  6 08:15:13
2006
@@ -132,39 +132,4 @@
     </section>
 </section>
 
-<directivesynopsis>
-<name>AuthzOwnerAuthoritative</name>
-<description>Sets whether authorization will be passed on to lower level
-modules</description>
-<syntax>AuthzOwnerAuthoritative On|Off</syntax>
-<default>AuthzOwnerAuthoritative On</default>
-<contextlist><context>directory</context><context>.htaccess</context>
-</contextlist>
-<override>AuthConfig</override>
-
-<usage>
-    <p>Setting the <directive>AuthzOwnerAuthoritative</directive>
-    directive explicitly to <code>Off</code> allows for
-    user authorization to be passed on to lower level modules (as defined
-    in the <code>modules.c</code> files) if:</p>
-
-    <ul>
-    <li>in the case of <code>file-owner</code> the file-system owner does
not
-    match the supplied web-username or could not be determined, or</li>
-
-    <li>in the case of <code>file-group</code> the file-system group does
not
-    contain the supplied web-username or could not be determined.</li>
-    </ul>
-
-    <p>Note that setting the value to <code>Off</code> also allows the
-    combination of <code>file-owner</code> and <code>file-group</code>,
so
-    access will be allowed if either one or the other (or both) match.</p>
-
-    <p>By default, control is not passed on and an authorization failure
-    will result in an "Authentication Required" reply. Not
-    setting it to <code>Off</code> thus keeps the system secure and forces
-    an NCSA compliant behaviour.</p>
-</usage>
-</directivesynopsis>
-
 </modulesynopsis>

Modified: httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_user.xml
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_user.xml?rev=366519&r1=366518&r2=366519&view=diff
==============================================================================
--- httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_user.xml (original)
+++ httpd/httpd/branches/authz-dev/docs/manual/mod/mod_authz_user.xml Fri Jan  6 08:15:13
2006
@@ -40,28 +40,4 @@
 <seealso><directive module="core">Require</directive></seealso>
 <seealso><directive module="core">Satisfy</directive></seealso>
 
-<directivesynopsis>
-<name>AuthzUserAuthoritative</name>
-<description>Sets whether authorization will be passed on to lower level
-modules</description>
-<syntax>AuthzUserAuthoritative On|Off</syntax>
-<default>AuthzUserAuthoritative On</default>
-<contextlist><context>directory</context><context>.htaccess</context>
-</contextlist>
-<override>AuthConfig</override>
-
-<usage>
-    <p>Setting the <directive>AuthzUserAuthoritative</directive>
-    directive explicitly to <code>Off</code> allows for
-    user authorization to be passed on to lower level modules (as defined
-    in the <code>modules.c</code> files) if there is <strong>no
-    user</strong> matching the supplied userID.</p>
-
-    <p>By default, control is not passed on and an unknown user
-    will result in an Authentication Required reply. Not
-    setting it to <code>Off</code> thus keeps the system secure and forces
-    an NCSA compliant behaviour.</p>
-</usage>
-</directivesynopsis>
-
 </modulesynopsis>

Modified: httpd/httpd/branches/authz-dev/docs/manual/mod/mod_ldap.xml
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/authz-dev/docs/manual/mod/mod_ldap.xml?rev=366519&r1=366518&r2=366519&view=diff
==============================================================================
--- httpd/httpd/branches/authz-dev/docs/manual/mod/mod_ldap.xml (original)
+++ httpd/httpd/branches/authz-dev/docs/manual/mod/mod_ldap.xml Fri Jan  6 08:15:13 2006
@@ -81,7 +81,6 @@
         Allow from yourdomain.example.com<br />
         AuthLDAPEnabled on<br />
         AuthLDAPURL ldap://127.0.0.1/dc=example,dc=com?uid?one<br />
-        AuthLDAPAuthoritative on<br />
         require valid-user<br />
       </indent>
       &lt;/Location&gt;
@@ -212,7 +211,6 @@
         Allow from yourdomain.example.com<br />
         AuthLDAPEnabled on<br />
         AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one<br />
-        AuthLDAPAuthoritative on<br />
         require valid-user<br />
       </indent>
       &lt;/Location&gt;
@@ -234,7 +232,6 @@
         AuthLDAPEnabled on<br />
         LDAPTrustedMode TLS
         AuthLDAPURL ldap://127.0.0.1/dc=example,dc=com?uid?one<br />
-        AuthLDAPAuthoritative on<br />
         require valid-user<br />
       </indent>
       &lt;/Location&gt;
@@ -287,7 +284,6 @@
                 AuthLDAPEnabled on<br />
                 LDAPTrustedClientCert CERT_NICKNAME &lt;nickname&gt; [password]<br
/>
                 AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one<br />
-                AuthLDAPAuthoritative on<br />
                 require valid-user<br />
             </indent>
             &lt;/Location&gt;
@@ -355,7 +351,6 @@
                 LDAPTrustedClientCert CERT_BASE64 /certs/cert1.pem<br />
                 LDAPTrustedClientCert KEY_BASE64 /certs/key1.pem<br />
                 AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one<br />
-                AuthLDAPAuthoritative on<br />
                 require valid-user<br />
             </indent>
             &lt;/Location&gt;



Mime
View raw message