httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From s.@apache.org
Subject svn commit: r1001201 - in /httpd/httpd/trunk/docs/manual: developer/new_api_2_4.html.en mod/mod_authz_core.html.en mod/mod_authz_host.html.en
Date Sat, 25 Sep 2010 12:01:59 GMT
Author: sf
Date: Sat Sep 25 12:01:59 2010
New Revision: 1001201

URL: http://svn.apache.org/viewvc?rev=1001201&view=rev
Log:
Update transformations

Modified:
    httpd/httpd/trunk/docs/manual/developer/new_api_2_4.html.en
    httpd/httpd/trunk/docs/manual/mod/mod_authz_core.html.en
    httpd/httpd/trunk/docs/manual/mod/mod_authz_host.html.en

Modified: httpd/httpd/trunk/docs/manual/developer/new_api_2_4.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/developer/new_api_2_4.html.en?rev=1001201&r1=1001200&r2=1001201&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/developer/new_api_2_4.html.en (original)
+++ httpd/httpd/trunk/docs/manual/developer/new_api_2_4.html.en Sat Sep 25 12:01:59 2010
@@ -72,7 +72,8 @@
   <p>In addition to the existing regexp wrapper, a new higher-level API
   <code>ap_rxplus</code> is now provided.  This provides the capability to
   compile Perl-style expressions like <code>s/regexp/replacement/flags</code>
-  and to execute them against arbitrary strings.  Also regexp memory.</p>
+  and to execute them against arbitrary strings. Support for regexp
+  backreference.</p>
   
 
   <h3><a name="ap_slotmem" id="ap_slotmem">ap_slotmem (NEW!)</a></h3>

Modified: httpd/httpd/trunk/docs/manual/mod/mod_authz_core.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_authz_core.html.en?rev=1001201&r1=1001200&r2=1001201&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_authz_core.html.en (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_authz_core.html.en Sat Sep 25 12:01:59 2010
@@ -53,6 +53,7 @@
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#authzalias">Creating
Authorization Provider Aliases</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#logic">Authorization
Containers</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#requiredirectives">The
Require Directives</a></li>
 </ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
 <div class="section">
@@ -164,6 +165,88 @@
         </span>      
         &lt;/Directory&gt;
     </code></p></div>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
+<div class="section">
+<h2><a name="requiredirectives" id="requiredirectives">The Require Directives</a></h2>
+
+  <p><code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code>
provides some generic authorization
+  providers which can be used with the
+  <code class="directive"><a href="#require">Require</a></code> directive.</p>
+
+  <h3><a name="reqenv" id="reqenv">Require env</a></h3>
+
+    <p>The <code>env</code> provider allows access to the server
+    to be controlled based on the existence of an <a href="../env.html">environment
variable</a>. When <code>Require 
+    env <var>env-variable</var></code> is specified, then the request is
+    allowed access if the environment variable <var>env-variable</var>
+    exists. The server provides the ability to set environment
+    variables in a flexible way based on characteristics of the client
+    request using the directives provided by
+    <code class="module"><a href="../mod/mod_setenvif.html">mod_setenvif</a></code>.
Therefore, this directive can be
+    used to allow access based on such factors as the clients
+    <code>User-Agent</code> (browser type), <code>Referer</code>,
or
+    other HTTP request header fields.</p>
+    
+    <div class="example"><h3>Example:</h3><p><code>
+      SetEnvIf User-Agent ^KnockKnock/2\.0 let_me_in<br />
+      &lt;Directory /docroot&gt;<br />
+      <span class="indent">
+        Require env let_me_in<br />
+      </span>
+      &lt;/Directory&gt;
+    </code></p></div>
+    
+    <p>In this case, browsers with a user-agent string beginning
+    with <code>KnockKnock/2.0</code> will be allowed access, and all
+    others will be denied.</p>
+
+  
+
+  <h3><a name="reqall" id="reqall">Require all</a></h3>
+
+    <p>The <code>all</code> provider mimics the functionality the
+    was previously provided by the 'Allow from all' and 'Deny from all'
+    directives.  This provider can take one of two arguments which are 
+    'granted' or 'denied'.  The following examples will grant or deny 
+    access to all requests.</p>
+
+    <div class="example"><p><code>
+    Require all granted<br />
+    </code></p></div>
+
+    <div class="example"><p><code>
+    Require all denied<br />
+    </code></p></div>
+
+  
+
+  <h3><a name="reqmethod" id="reqmethod">Require method</a></h3>
+
+    <p>The <code>method</code> provider allows to use the HTTP method in
+    authorization decisions. The GET and HEAD methods are treated as
+    equivalent. The TRACE method is not available to this provider,
+    use <code class="directive"><a href="../mod/core.html#traceenable">TraceEnable</a></code>
instead.</p>
+
+    <p>The following example will only allow GET, HEAD, POST, and OPTIONS
+    requests:</p>
+
+    <div class="example"><p><code>
+        Require method GET POST OPTIONS<br />
+    </code></p></div>
+
+    <p>The following example will allow GET, HEAD, POST, and OPTIONS
+    requests without authentication, and require a valid user for all other
+    methods:</p>
+
+    <div class="example"><p><code>
+        &lt;RequireAny&gt;<br />
+        &nbsp;Require method GET POST OPTIONS<br />
+        &nbsp;Require valid-user<br />
+        &lt;/RequireAny&gt;<br />
+    </code></p></div>
+
+  
+
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
 <div class="directive-section"><h2><a name="AuthMerging" id="AuthMerging">AuthMerging</a>
<a name="authmerging" id="authmerging">Directive</a></h2>
@@ -273,9 +356,28 @@ an authorization provider.</td></tr>
 </table>
     <p>This directive tests whether an authenticated user is authorized
     according to a particular authorization provider and the specified
-    restrictions.  Some of the allowed syntaxes provided by
-    <code class="module"><a href="../mod/mod_authz_user.html">mod_authz_user</a></code>
and
-    <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code>
are:</p>
+    restrictions. <code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code>
provides the following
+    generic authorization providers:</p>
+
+    <dl>
+      <dt><code>Require all granted</code></dt>
+      <dd>Access is allowed unconditionally.</dd>
+
+      <dt><code>Require all denied</code></dt>
+      <dd>Access is denied unconditionally.</dd>
+
+      <dt><code>Require env <var>env-var</var> [<var>env-var</var>]
+      ...</code></dt>
+      <dd>Access is allowed only if one of the given environment variables is
+          set.</dd>
+
+      <dt><code>Require method <var>http-method</var> [<var>http-method</var>]
+      ...</code></dt>
+      <dd>Access is allowed only for the given HTTP methods.</dd>
+    </dl>
+
+    <p>Some of the allowed syntaxes provided by <code class="module"><a href="../mod/mod_authz_user.html">mod_authz_user</a></code>
+       and <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code>
are:</p>
 
     <dl>
       <dt><code>Require user <var>userid</var> [<var>userid</var>]
@@ -296,8 +398,8 @@ an authorization provider.</td></tr>
     <code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code>,
and
     <code class="module"><a href="../mod/mod_authz_owner.html">mod_authz_owner</a></code>.</p>
 
-    <p>For a complete authentication and authorization configuration, 
-    <code class="directive">Require</code> must be accompanied by
+    <p>In most cases, for a complete authentication and authorization
+    configuration, <code class="directive">Require</code> must be accompanied
by
     <code class="directive"><a href="../mod/mod_authn_core.html#authname">AuthName</a></code>,
<code class="directive"><a href="../mod/mod_authn_core.html#authtype">AuthType</a></code>
and 
     <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>
or
     <code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code>


Modified: httpd/httpd/trunk/docs/manual/mod/mod_authz_host.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_authz_host.html.en?rev=1001201&r1=1001200&r2=1001201&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_authz_host.html.en (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_authz_host.html.en Sat Sep 25 12:01:59 2010
@@ -40,8 +40,7 @@ address)</td></tr>
     or <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code>
section
     as well as <code><a href="core.html#accessfilename">.htaccess</a>
     </code> files to control access to particular parts of the server.
-    Access can be controlled based on the client hostname, IP address, or
-    other characteristics of the client request, as captured in <a href="../env.html">environment
variables</a>.</p>
+    Access can be controlled based on the client hostname or IP address.</p>
 
     <p>In general, access restriction directives apply to all
     access methods (<code>GET</code>, <code>PUT</code>,
@@ -69,44 +68,13 @@ address)</td></tr>
     <p>Apache's <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code>

     directive is used during the authorization phase to ensure that a user is allowed or
     denied access to a resource.  mod_authz_host extends the 
-    authorization types with <code>env</code>, <code>ip</code>, 
-    <code>host</code> and <code>all</code>.  Other authorization
types may also be 
+    authorization types with <code>ip</code> and <code>host</code>.
+    Other authorization types may also be 
     used but may require that additional authorization modules be loaded.</p>
 
     <p>These authorization providers affect which hosts can
     access an area of the server. Access can be controlled by
-    hostname, IP Address, IP Address range, or by other
-    characteristics of the client request captured in environment
-    variables.</p>
-
-<h3><a name="reqenv" id="reqenv">Require env</a></h3>
-
-    <p>The <code>env</code> provider allows access to the server
-    to be controlled based on the existence of an <a href="../env.html">environment
variable</a>. When <code>Require 
-    env <var>env-variable</var></code> is specified, then the request is
-    allowed access if the environment variable <var>env-variable</var>
-    exists. The server provides the ability to set environment
-    variables in a flexible way based on characteristics of the client
-    request using the directives provided by
-    <code class="module"><a href="../mod/mod_setenvif.html">mod_setenvif</a></code>.
Therefore, this directive can be
-    used to allow access based on such factors as the clients
-    <code>User-Agent</code> (browser type), <code>Referer</code>,
or
-    other HTTP request header fields.</p>
-    
-    <div class="example"><h3>Example:</h3><p><code>
-      SetEnvIf User-Agent ^KnockKnock/2\.0 let_me_in<br />
-      &lt;Directory /docroot&gt;<br />
-      <span class="indent">
-        Require env let_me_in<br />
-      </span>
-      &lt;/Directory&gt;
-    </code></p></div>
-    
-    <p>In this case, browsers with a user-agent string beginning
-    with <code>KnockKnock/2.0</code> will be allowed access, and all
-    others will be denied.</p>
-
-
+    hostname, IP Address, or IP Address range.</p>
 
 <h3><a name="reqip" id="reqip">Require ip</a></h3>
 
@@ -191,52 +159,6 @@ address)</td></tr>
 
 
 
-<h3><a name="reqall" id="reqall">Require all</a></h3>
-
-    <p>The <code>all</code> provider mimics the functionality the
-    was previously provided by the 'Allow from all' and 'Deny from all'
-    directives.  This provider can take one of two arguments which are 
-    'granted' or 'denied'.  The following examples will grant or deny 
-    access to all requests.</p>
-
-    <div class="example"><p><code>
-    Require all granted<br />
-    </code></p></div>
-
-    <div class="example"><p><code>
-    Require all denied<br />
-    </code></p></div>
-
-
-
-<h3><a name="reqmethod" id="reqmethod">Require method</a></h3>
-
-    <p>The <code>method</code> provider allows to use the HTTP method in
-    authorization decisions. The GET and HEAD methods are treated as
-    equivalent. The TRACE method is not available to this provider,
-    use <code class="directive"><a href="../mod/core.html#traceenable">TraceEnable</a></code>
instead.</p>
-
-    <p>The following example will only allow GET, HEAD, POST, and OPTIONS
-    requests:</p>
-
-    <div class="example"><p><code>
-        Require method GET POST OPTIONS<br />
-    </code></p></div>
-
-    <p>The following example will allow GET, HEAD, POST, and OPTIONS
-    requests without authentication, and require a valid user for all other
-    methods:</p>
-
-    <div class="example"><p><code>
-        &lt;RequireAny&gt;<br />
-        &nbsp;Require method GET POST OPTIONS<br />
-        &nbsp;Require valid-user<br />
-        &lt;/RequireAny&gt;<br />
-    </code></p></div>
-
-
-
-
 </div>
 </div>
 <div class="bottomlang">



Mime
View raw message