httpd-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sl...@locus.apache.org
Subject cvs commit: httpd-docs-2.0/htdocs/manual/mod mod_auth_anon.html mod_auth_db.html mod_auth_dbm.html mod_auth_digest.html index.html index-bytype.html
Date Mon, 25 Sep 2000 23:59:29 GMT
slive       00/09/25 16:59:29

  Modified:    htdocs/manual/mod mod_auth_anon.html mod_auth_db.html
                        mod_auth_dbm.html mod_auth_digest.html index.html
                        index-bytype.html
  Log:
  Style updates.
  
  Revision  Changes    Path
  1.25      +72 -66    httpd-docs-2.0/htdocs/manual/mod/mod_auth_anon.html
  
  Index: mod_auth_anon.html
  ===================================================================
  RCS file: /home/cvs/httpd-docs-2.0/htdocs/manual/mod/mod_auth_anon.html,v
  retrieving revision 1.24
  retrieving revision 1.25
  diff -u -r1.24 -r1.25
  --- mod_auth_anon.html	2000/09/12 15:16:52	1.24
  +++ mod_auth_anon.html	2000/09/25 23:59:28	1.25
  @@ -14,28 +14,38 @@
   <!--#include virtual="header.html" -->
   <H1 ALIGN="CENTER">Module mod_auth_anon</H1>
   
  -This module is contained in the <CODE>mod_auth_anon.c</CODE> file and
  -is not compiled in by default. It is only available in Apache 1.1 and
  -later. It allows "anonymous" user access to authenticated areas.
  +This module allows "anonymous" user access to authenticated areas.
   
  +<P><A
  +HREF="module-dict.html#Status"
  +REL="Help"
  +><STRONG>Status:</STRONG></A> Extension
  +<BR>
  +<A
  +HREF="module-dict.html#SourceFile"
  +REL="Help"
  +><STRONG>Source File:</STRONG></A> mod_auth_anon.c
  +<BR>
  +<A
  +HREF="module-dict.html#ModuleIdentifier"
  +REL="Help"
  +><STRONG>Module Identifier:</STRONG></A> anon_auth_module
  +</P>
  +
  +
   <H2>Summary</H2>
   
  -It does access control in a manner similar to anonymous-ftp sites; <EM>i.e.</EM>
  -have a 'magic' user id 'anonymous' and the email address as a password.
  -These email addresses can be logged.
  -<P>
  -Combined with other (database) access control methods, this allows for
  +<P>This module does access control in a manner similar to
  +anonymous-ftp sites; <EM>i.e.</EM> have a 'magic' user id 'anonymous'
  +and the email address as a password.  These email addresses can be
  +logged.</p>
  +
  +<p>Combined with other (database) access control methods, this allows for
   effective user tracking and customization according to a user profile
   while still keeping the site open for 'unregistered' users. One advantage
   of using Auth-based user tracking is that, unlike magic-cookies and
   funny URL pre/postfixes, it is completely browser independent and it
  -allows users to share URLs.
  -<P>
  -
  -<A HREF="#Directives">Directives</A> /
  -<A HREF="#Example">Example</A> /
  -<A HREF="#CompileTimeOptions">Compile time options</A> /
  -<P>
  +allows users to share URLs.</p>
   
   <H2><A NAME="Directives">Directives</A></H2>
   <UL>
  @@ -47,6 +57,53 @@
   <LI><A HREF="#VerifyEmail">Anonymous_VerifyEmail</A>
   </UL>
   
  +<H2><A NAME="Example">Example</A></H2>
  +
  +The example below (when combined with the Auth directives
  +of a htpasswd-file based (or GDM, mSQL <EM>etc.</EM>) base access
  +control system allows users in as 'guests' with the
  +following properties:
  +<UL>
  +<LI>
  +It insists that the user enters a userId. (<CODE>Anonymous_NoUserId</CODE>)
  +<LI>
  +It insists that the user enters a password.
  +(<CODE>Anonymous_MustGiveEmail</CODE>)
  +<LI>
  +The password entered must be a valid email address, ie. contain at least one
  +'@' and a '.'. (<CODE>Anonymous_VerifyEmail</CODE>)
  +<LI>
  +The userID must be one of <CODE>anonymous guest www test welcome</CODE>
  +and comparison is <STRONG>not</STRONG> case sensitive.
  +<LI>
  +And the Email addresses entered in the passwd field are logged to
  +the error log file
  +(<CODE>Anonymous_LogEmail</CODE>)
  +</UL>
  +<P>
  +Excerpt of access.conf:
  +<BLOCKQUOTE><CODE>
  +Anonymous_NoUserId      off<BR>
  +Anonymous_MustGiveEmail on<BR>
  +Anonymous_VerifyEmail    on<BR>
  +Anonymous_LogEmail      on<BR>
  +Anonymous        anonymous guest www test welcome<P>
  +<P>
  +AuthName                "Use 'anonymous' &amp; Email address for guest entry"<BR>
  +AuthType                basic
  +<P>
  +# An AuthUserFile/AuthDBUserFile/AuthDBMUserFile<BR>
  +# directive must be specified, or use<BR>
  +# Anonymous_Authoritative for public access.<BR>
  +# In the .htaccess for the public directory, add:<BR>
  +&lt;Files *&gt;<BR>
  +Order Deny,Allow          <BR>
  +Allow from all            <BR>
  +<P>
  +Require valid-user        <BR>
  +&lt;/Files&gt;<BR>
  +</CODE></BLOCKQUOTE>
  +
   <HR>
   
   <H2><A NAME="anonymous">Anonymous directive</A></H2>
  @@ -258,58 +315,7 @@
           checked for at least one '@' and a '.' to encourage users to enter
           valid email addresses (see the above <CODE>Auth_LogEmail</CODE>).
   
  -<HR>
  -<H2><A NAME="Example">Example</A></H2>
  -
  -The example below (when combined with the Auth directives
  -of a htpasswd-file based (or GDM, mSQL <EM>etc.</EM>) base access
  -control system allows users in as 'guests' with the
  -following properties:
  -<UL>
  -<LI>
  -It insists that the user enters a userId. (<CODE>Anonymous_NoUserId</CODE>)
  -<LI>
  -It insists that the user enters a password.
  -(<CODE>Anonymous_MustGiveEmail</CODE>)
  -<LI>
  -The password entered must be a valid email address, ie. contain at least one
  -'@' and a '.'. (<CODE>Anonymous_VerifyEmail</CODE>)
  -<LI>
  -The userID must be one of <CODE>anonymous guest www test welcome</CODE>
  -and comparison is <STRONG>not</STRONG> case sensitive.
  -<LI>
  -And the Email addresses entered in the passwd field are logged to
  -the error log file
  -(<CODE>Anonymous_LogEmail</CODE>)
  -</UL>
  -<P>
  -Excerpt of access.conf:
  -<BLOCKQUOTE><CODE>
  -Anonymous_NoUserId      off<BR>
  -Anonymous_MustGiveEmail on<BR>
  -Anonymous_VerifyEmail    on<BR>
  -Anonymous_LogEmail      on<BR>
  -Anonymous        anonymous guest www test welcome<P>
  -<P>
  -AuthName                "Use 'anonymous' &amp; Email address for guest entry"<BR>
  -AuthType                basic
  -<P>
  -# An AuthUserFile/AuthDBUserFile/AuthDBMUserFile<BR>
  -# directive must be specified, or use<BR>
  -# Anonymous_Authoritative for public access.<BR>
  -# In the .htaccess for the public directory, add:<BR>
  -&lt;Files *&gt;<BR>
  -Order Deny,Allow          <BR>
  -Allow from all            <BR>
  -<P>
  -Require valid-user        <BR>
  -&lt;/Files&gt;<BR>
  -</CODE></BLOCKQUOTE>
  -
  -<HR>
  -<H2><A NAME="CompileTimeOptions">Compile Time Options</A></H2>
   
  -Currently there are no Compile options.
   
   <!--#include virtual="footer.html" -->
   </BODY>
  
  
  
  1.19      +53 -27    httpd-docs-2.0/htdocs/manual/mod/mod_auth_db.html
  
  Index: mod_auth_db.html
  ===================================================================
  RCS file: /home/cvs/httpd-docs-2.0/htdocs/manual/mod/mod_auth_db.html,v
  retrieving revision 1.18
  retrieving revision 1.19
  diff -u -r1.18 -r1.19
  --- mod_auth_db.html	2000/09/12 15:16:52	1.18
  +++ mod_auth_db.html	2000/09/25 23:59:28	1.19
  @@ -15,32 +15,57 @@
   <!--#include virtual="header.html" -->
   <H1 ALIGN="CENTER">Module mod_auth_db</H1>
   
  -This module is contained in the <CODE>mod_auth_db.c</CODE> file, and
  -is not compiled in by default. It provides for user authentication using
  -Berkeley DB files. It is an alternative to <A HREF="mod_auth_dbm.html">DBM</A>
  -files for those systems which support DB and not DBM. It is only
  -available in Apache 1.1 and later.
  +<p>This module provides for user authentication using Berkeley DB
  +files. </p>
   
  -<P>
  -On some BSD systems (<EM>e.g.</EM>, FreeBSD and NetBSD) dbm is automatically
mapped to
  -Berkeley DB. You can use either <A HREF="mod_auth_dbm.html">mod_auth_dbm</A>
  -or mod_auth_db. The latter makes it more obvious that it's Berkeley DB.  On
  -other platforms where you want to use the DB library you usually have to
  -install it first. See 
  -<A HREF="http://www.sleepycat.com/">http://www.sleepycat.com/</A> for the
  -distribution. The interface this module uses is the one from DB version 1.85
  -and 1.86, but DB version 2.x can also be used when compatibility mode is
  -enabled.
  +<P><A
  +HREF="module-dict.html#Status"
  +REL="Help"
  +><STRONG>Status:</STRONG></A> Extension
  +<BR>
  +<A
  +HREF="module-dict.html#SourceFile"
  +REL="Help"
  +><STRONG>Source File:</STRONG></A> mod_auth_db.c
  +<BR>
  +<A
  +HREF="module-dict.html#ModuleIdentifier"
  +REL="Help"
  +><STRONG>Module Identifier:</STRONG></A> db_auth_module
  +</P>
  +
  +<h2>Summary</h2>
  +
  +<p>This module provides an alternative to <A
  +HREF="mod_auth_dbm.html">DBM</A> files for those systems which support
  +DB and not DBM. It is only available in Apache 1.1 and later.</p>
  +
  +<p>On some BSD systems (<EM>e.g.</EM>, FreeBSD and NetBSD) dbm is
  +automatically mapped to Berkeley DB. You can use either <A
  +HREF="mod_auth_dbm.html">mod_auth_dbm</A> or mod_auth_db. The latter
  +makes it more obvious that it's Berkeley DB.  On other platforms where
  +you want to use the DB library you usually have to install it
  +first. See <A
  +HREF="http://www.sleepycat.com/">http://www.sleepycat.com/</A> for the
  +distribution. The interface this module uses is the one from DB
  +version 1.85 and 1.86, but DB version 2.x can also be used when
  +compatibility mode is enabled.</p>
  +
  +<h2>Directives</h2>
   
  -<MENU>
  +<UL>
   <LI><A HREF="#authdbgroupfile">AuthDBGroupFile</A>
   <LI><A HREF="#authdbuserfile">AuthDBUserFile</A>
   <LI><A HREF="#authdbauthoritative">AuthDBAuthoritative</A>
  -</MENU>
  +</UL>
  +
  +<p>See also: <a href="core.html#satisfy">satisfy</a> and 
  +<a href="core.html#require">require</a>.</p>
  +
   <HR>
   
   
  -<H2><A NAME="authdbgroupfile">AuthDBGroupFile</A></H2>
  +<H2><A NAME="authdbgroupfile">AuthDBGroupFile directive</A></H2>
   <!--%plaintext &lt;?INDEX {\tt AuthDBGroupFile} directive&gt; -->
   <A
    HREF="directive-dict.html#Syntax"
  @@ -103,7 +128,7 @@
   <A HREF="core.html#authtype">AuthType</A> and
   <A HREF="#authdbuserfile">AuthDBUserFile</A>.<P><HR>
   
  -<H2><A NAME="authdbuserfile">AuthDBUserFile</A></H2>
  +<H2><A NAME="authdbuserfile">AuthDBUserFile</A> directive</H2>
   <!--%plaintext &lt;?INDEX {\tt AuthDBUserFile} directive&gt; -->
   <A
    HREF="directive-dict.html#Syntax"
  @@ -152,14 +177,18 @@
   <A HREF="core.html#authtype">AuthType</A> and
   <A HREF="#authdbgroupfile">AuthDBGroupFile</A>.<P>
   <HR>
  -<H2><A NAME="authdbauthoritative">AuthDBAuthoritative</A></H2>
  +<H2><A NAME="authdbauthoritative">AuthDBAuthoritative</A> directive</H2>
   <!--%plaintext &lt;?INDEX {\tt AuthDBAuthoritative} directive&gt; -->
   <A
    HREF="directive-dict.html#Syntax"
    REL="Help"
   ><STRONG>Syntax:</STRONG></A> AuthDBAuthoritative &lt;
  - <STRONG> on</STRONG>(default) | off &gt; <BR>
  + <STRONG> on</STRONG>| off &gt; <BR>
   <A
  + HREF="directive-dict.html#Default"
  + REL="Help"
  +><STRONG>Default:</STRONG></A> <CODE>AuthDBAuthoritative on</CODE><BR>
  +<A
    HREF="directive-dict.html#Context"
    REL="Help"
   ><STRONG>Context:</STRONG></A> directory, .htaccess<BR>
  @@ -195,13 +224,10 @@
   checking; a few (administrator) related accesses fall through to
   a lower level with a well protected .htpasswd file.  <P>
   
  -<A
  - HREF="directive-dict.html#Default"
  - REL="Help"
  -><STRONG>Default:</STRONG></A> By default; control is not passed on;
and an
  -unknown
  +
  +By default, control is not passed on and an unknown
   userID or rule will result in an Authorization Required reply. Not
  -setting it thus keeps the system secure; and forces an NCSA compliant
  +setting it thus keeps the system secure and forces an NCSA compliant
   behaviour.  <P>
   Security: Do consider the implications of allowing a user to allow
   fall-through in his .htaccess file; and verify that this is really
  
  
  
  1.20      +42 -15    httpd-docs-2.0/htdocs/manual/mod/mod_auth_dbm.html
  
  Index: mod_auth_dbm.html
  ===================================================================
  RCS file: /home/cvs/httpd-docs-2.0/htdocs/manual/mod/mod_auth_dbm.html,v
  retrieving revision 1.19
  retrieving revision 1.20
  diff -u -r1.19 -r1.20
  --- mod_auth_dbm.html	2000/09/12 15:16:52	1.19
  +++ mod_auth_dbm.html	2000/09/25 23:59:28	1.20
  @@ -16,16 +16,42 @@
   
   <H1 ALIGN="CENTER">Module mod_auth_dbm</H1>
   
  -This module is contained in the <CODE>mod_auth_dbm.c</CODE> file, and
  -is not compiled in by default. It provides for user authentication using
  -DBM files.
  +<p>This module provides for user authentication using DBM files.</p>
   
  +<P><A
  +HREF="module-dict.html#Status"
  +REL="Help"
  +><STRONG>Status:</STRONG></A> Extension
  +<BR>
  +<A
  +HREF="module-dict.html#SourceFile"
  +REL="Help"
  +><STRONG>Source File:</STRONG></A> mod_auth_dbm.c
  +<BR>
  +<A
  +HREF="module-dict.html#ModuleIdentifier"
  +REL="Help"
  +><STRONG>Module Identifier:</STRONG></A> dbm_auth_module
  +</P>
  +
  +<h2>Summary</h2>
  +
  +<p>This module provides for HTTP Basic Authentication, where the
  +usernames and passwords are stored in DBM type database files.  It is
  +an alternative to the plain text password files provided by <a
  +href="mod_auth.html">mod_auth</A> and the Berkely DB password files
  +provided by <a href="mod_auth_db.html">mod_auth_db</a>.</p>
   
  -<MENU>
  +<h2>Directives</h2>
  +
  +<ul>
   <LI><A HREF="#authdbmgroupfile">AuthDBMGroupFile</A>
   <LI><A HREF="#authdbmuserfile">AuthDBMUserFile</A>
   <LI><A HREF="#authdbmauthoritative">AuthDBMAuthoritative</A>
  -</MENU>
  +</ul>
  +
  +<p>See also: <a href="core.html#satisfy">Satisfy</a> and 
  +<a href="core.html#require">Require</a>.
   <HR>
   
   
  @@ -147,8 +173,12 @@
   <!--%plaintext &lt;?INDEX {\tt AuthDBMAuthoritative} directive&gt; -->
   <A
    HREF="directive-dict.html#Syntax"
  + REL="Help"
  +><STRONG>Syntax:</STRONG></A> AuthDBMAuthoritative &lt; <STRONG>
on</STRONG> | off &gt; <BR>
  +<A
  + HREF="directive-dict.html#Default"
    REL="Help"
  -><STRONG>Syntax:</STRONG></A> AuthDBMAuthoritative &lt; <STRONG>
on</STRONG>(default) | off &gt; <BR>
  +><STRONG>Default:</STRONG></A> <code>AuthDBMAuthoritative on</code><br>
   <A
    HREF="directive-dict.html#Context"
    REL="Help"
  @@ -160,11 +190,11 @@
   <A
    HREF="directive-dict.html#Status"
    REL="Help"
  -><STRONG>Status:</STRONG></A> Base<BR>
  +><STRONG>Status:</STRONG></A> Extension<BR>
   <A
    HREF="directive-dict.html#Module"
    REL="Help"
  -><STRONG>Module:</STRONG></A> mod_auth<P>
  +><STRONG>Module:</STRONG></A> mod_auth_dbm<P>
   
   Setting the AuthDBMAuthoritative directive explicitly to <STRONG>'off'</STRONG>
   allows for both authentication and authorization to be passed on
  @@ -185,13 +215,10 @@
   checking; a few (administrator) related accesses fall through to
   a lower level with a well protected .htpasswd file.  <P>
   
  -<A
  - HREF="directive-dict.html#Default"
  - REL="Help"
  -><STRONG>Default:</STRONG></A> By default; control is not passed on;
and an unknown
  -userID or rule will result in an Authorization Required reply. Not
  -setting it thus keeps the system secure; and forces an NCSA compliant
  -behaviour.  <P>
  +
  +By default, control is not passed on and an unknown userID or rule
  +will result in an Authorization Required reply. Not setting it thus
  +keeps the system secure and forces an NCSA compliant behaviour.  <P>
   
   Security: Do consider the implications of allowing a user to allow
   fall-through in his .htaccess file; and verify that this is really
  
  
  
  1.4       +87 -93    httpd-docs-2.0/htdocs/manual/mod/mod_auth_digest.html
  
  Index: mod_auth_digest.html
  ===================================================================
  RCS file: /home/cvs/httpd-docs-2.0/htdocs/manual/mod/mod_auth_digest.html,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- mod_auth_digest.html	2000/09/12 15:16:53	1.3
  +++ mod_auth_digest.html	2000/09/25 23:59:28	1.4
  @@ -15,19 +15,36 @@
   <!--#include virtual="header.html" -->
   <H1 ALIGN="CENTER">Module mod_auth_digest</H1>
   
  -This module is contained in the <CODE>mod_auth_digest.c</CODE> file, and is
  -not compiled in by default. It is only available in Apache 1.3.8 and
  -later. It provides for user authentication using MD5 Digest
  -Authentication.
  +<p>This module provides for user authentication using MD5 Digest
  +Authentication.</p>
   
  -<P>Note this is an updated version of <A
  +<P><A
  +HREF="module-dict.html#Status"
  +REL="Help"
  +><STRONG>Status:</STRONG></A> Experimental
  +<BR>
  +<A
  +HREF="module-dict.html#SourceFile"
  +REL="Help"
  +><STRONG>Source File:</STRONG></A> mod_auth_digest.c
  +<BR>
  +<A
  +HREF="module-dict.html#ModuleIdentifier"
  +REL="Help"
  +><STRONG>Module Identifier:</STRONG></A> digest_auth_module
  +</P>
  +
  +<h2>Summary</h2>
  +
  +<P>This is an updated version of <A
   HREF="mod_digest.html">mod_digest</A>. However, it has not been
  -extensively tested and is therefore marked experimental. If you use this
  -module, you must make sure to <em>not</em> use mod_digest (because they
  -share some of the same configuration directives).
  +extensively tested and is therefore marked experimental. If you use
  +this module, you must make sure to <em>not</em> use mod_digest
  +(because they share some of the same configuration directives).
   
  +<h2>Directives</h2>
   
  -<MENU>
  +<ul>
   <LI><A HREF="#authdigestfile">AuthDigestFile</A>
   <LI><A HREF="#authdigestgroupfile">AuthDigestGroupFile</A>
   <LI><A HREF="#authdigestqop">AuthDigestQop</A>
  @@ -36,12 +53,47 @@
   <LI><A HREF="#authdigestnccheck">AuthDigestNcCheck</A>
   <LI><A HREF="#authdigestalgorithm">AuthDigestAlgorithm</A>
   <LI><A HREF="#authdigestdomain">AuthDigestDomain</A>
  -<LI><A HREF="#usingdigest">Using Digest Authentication</A>
  -</MENU>
  +</ul>
  +
  +<p>See also: <a href="core.html#require">Require</a> and
  +<a href="core.html#satisfy">Satisfy</a>.
  +
  +<H3><A NAME="usingdigest">Using Digest Authentication</A></H3>
  +
  +<P>Using MD5 Digest authentication is very simple. Simply set up
  +authentication normally, using "AuthType Digest" and "AuthDigestFile"
  +instead of the normal "AuthType Basic" and "AuthUserFile"; also,
  +replace any "AuthGroupFile" with "AuthDigestGroupFile". Then add a
  +"AuthDigestDomain" directive containing at least the root URI(s) for
  +this protection space. Example:
  +
  +<PRE>
  +  &lt;Location /private/&gt;
  +  AuthType Digest
  +  AuthName "private area"
  +  AuthDigestDomain /private/ http://mirror.my.dom/private2/
  +  AuthDigestFile /web/auth/.digest_pw
  +  Require valid-user
  +  &lt;/Location&gt;
  +</PRE>
  +
  +<P><strong>Note:</strong> MD5 authentication provides a more secure
  +password system than Basic authentication, but only works with supporting
  +browsers. As of this writing (July 1999), the only major browsers which
  +support digest authentication are <A
  +HREF="http://www.microsoft.com/windows/ie/">Internet Explorer 5.0</A> and
  +<A HREF="http://www.w3.org/Amaya/">Amaya</A>. Therefore, we do not
  +recommend using this feature on a large Internet site. However, for
  +personal and intra-net use, where browser users can be controlled, it is
  +ideal.
  +
  +
   <HR>
   
  +
  +
   
  -<H2><A NAME="authdigestfile">AuthDigestFile</A></H2>
  +<H2><A NAME="authdigestfile">AuthDigestFile</A> directive</H2>
   <A
    HREF="directive-dict.html#Syntax"
    REL="Help"
  @@ -57,7 +109,7 @@
   <A
    HREF="directive-dict.html#Status"
    REL="Help"
  -><STRONG>Status:</STRONG></A> Base<BR>
  +><STRONG>Status:</STRONG></A> Experimental<BR>
   <A
    HREF="directive-dict.html#Module"
    REL="Help"
  @@ -73,7 +125,7 @@
   
   <HR>
   
  -<H2><A NAME="authdigestgroupfile">AuthDigestGroupFile</A></H2>
  +<H2><A NAME="authdigestgroupfile">AuthDigestGroupFile</A> directive</H2>
   <A
    HREF="directive-dict.html#Syntax"
    REL="Help"
  @@ -89,15 +141,11 @@
   <A
    HREF="directive-dict.html#Status"
    REL="Help"
  -><STRONG>Status:</STRONG></A> Base<BR>
  +><STRONG>Status:</STRONG></A> Experimental<BR>
   <A
    HREF="directive-dict.html#Module"
  - REL="Help"
  -><STRONG>Module:</STRONG></A> mod_auth_digest<BR>
  -<A
  - HREF="directive-dict.html#Compatibility"
    REL="Help"
  -><STRONG>Compatibility:</STRONG></A> Available in Apache 1.3.8 and
later
  +><STRONG>Module:</STRONG></A> mod_auth_digest
   
   <P>The AuthDigestGroupFile directive sets the name of a textual file
   containing the list of groups and their members (user names).
  @@ -115,7 +163,7 @@
   
   <HR>
   
  -<H2><A NAME="authdigestqop">AuthDigestQop</A></H2>
  +<H2><A NAME="authdigestqop">AuthDigestQop</A> directive</H2>
   <A
    HREF="directive-dict.html#Syntax"
    REL="Help"
  @@ -135,15 +183,11 @@
   <A
    HREF="directive-dict.html#Status"
    REL="Help"
  -><STRONG>Status:</STRONG></A> Base<BR>
  +><STRONG>Status:</STRONG></A> Experimental<BR>
   <A
    HREF="directive-dict.html#Module"
    REL="Help"
  -><STRONG>Module:</STRONG></A> mod_auth_digest<BR>
  -<A
  - HREF="directive-dict.html#Compatibility"
  - REL="Help"
  -><STRONG>Compatibility:</STRONG></A> Available in Apache 1.3.8 and
later
  +><STRONG>Module:</STRONG></A> mod_auth_digest
   
   <P>The AuthDigestQop directive determines the quality-of-protection to use.
   <EM>auth</EM> will only do authentication (username/password);
  @@ -159,7 +203,8 @@
   
   <HR>
   
  -<H2><A NAME="authdigestnoncelifetime">AuthDigestNonceLifetime</A></H2>
  +<H2><A NAME="authdigestnoncelifetime">AuthDigestNonceLifetime</A> 
  +directive</H2>
   <A
    HREF="directive-dict.html#Syntax"
    REL="Help"
  @@ -179,15 +224,11 @@
   <A
    HREF="directive-dict.html#Status"
    REL="Help"
  -><STRONG>Status:</STRONG></A> Base<BR>
  +><STRONG>Status:</STRONG></A> Experimental<BR>
   <A
    HREF="directive-dict.html#Module"
  - REL="Help"
  -><STRONG>Module:</STRONG></A> mod_auth_digest<BR>
  -<A
  - HREF="directive-dict.html#Compatibility"
    REL="Help"
  -><STRONG>Compatibility:</STRONG></A> Available in Apache 1.3.8 and
later
  +><STRONG>Module:</STRONG></A> mod_auth_digest
   
   <P>The AuthDigestNonceLifetime directive controls how long the server
   nonce is valid. When the client contacts the server using an expired
  @@ -213,7 +254,7 @@
   -->
   
   <HR>
  -<H2><A NAME="authdigestnonceformat">AuthDigestNonceFormat</A></H2>
  +<H2><A NAME="authdigestnonceformat">AuthDigestNonceFormat</A> directive</H2>
   <A
    HREF="directive-dict.html#Syntax"
    REL="Help"
  @@ -233,15 +274,11 @@
   <A
    HREF="directive-dict.html#Status"
    REL="Help"
  -><STRONG>Status:</STRONG></A> Base<BR>
  +><STRONG>Status:</STRONG></A> Experimental<BR>
   <A
    HREF="directive-dict.html#Module"
  - REL="Help"
  -><STRONG>Module:</STRONG></A> mod_auth_digest<BR>
  -<A
  - HREF="directive-dict.html#Compatibility"
    REL="Help"
  -><STRONG>Compatibility:</STRONG></A> Available in Apache 1.3.8 and
later
  +><STRONG>Module:</STRONG></A> mod_auth_digest
   
   <P><STRONG>Not implemented yet.</STRONG>
   <!--
  @@ -250,7 +287,7 @@
   -->
   
   <HR>
  -<H2><A NAME="authdigestnccheck">AuthDigestNcCheck</A></H2>
  +<H2><A NAME="authdigestnccheck">AuthDigestNcCheck</A> directive</H2>
   <A
    HREF="directive-dict.html#Syntax"
    REL="Help"
  @@ -270,15 +307,11 @@
   <A
    HREF="directive-dict.html#Status"
    REL="Help"
  -><STRONG>Status:</STRONG></A> Base<BR>
  +><STRONG>Status:</STRONG></A> Experimental<BR>
   <A
    HREF="directive-dict.html#Module"
    REL="Help"
  -><STRONG>Module:</STRONG></A> mod_auth_digest<BR>
  -<A
  - HREF="directive-dict.html#Compatibility"
  - REL="Help"
  -><STRONG>Compatibility:</STRONG></A> Available in Apache 1.3.8 and
later
  +><STRONG>Module:</STRONG></A> mod_auth_digest
   
   <P><STRONG>Not implemented yet.</STRONG>
   <!--
  @@ -295,7 +328,7 @@
   -->
   
   <HR>
  -<H2><A NAME="authdigestalgorithm">AuthDigestAlgorithm</A></H2>
  +<H2><A NAME="authdigestalgorithm">AuthDigestAlgorithm</A> directive</H2>
   <A
    HREF="directive-dict.html#Syntax"
    REL="Help"
  @@ -315,15 +348,11 @@
   <A
    HREF="directive-dict.html#Status"
    REL="Help"
  -><STRONG>Status:</STRONG></A> Base<BR>
  +><STRONG>Status:</STRONG></A> Experimental<BR>
   <A
    HREF="directive-dict.html#Module"
    REL="Help"
  -><STRONG>Module:</STRONG></A> mod_auth_digest<BR>
  -<A
  - HREF="directive-dict.html#Compatibility"
  - REL="Help"
  -><STRONG>Compatibility:</STRONG></A> Available in Apache 1.3.8 and
later
  +><STRONG>Module:</STRONG></A> mod_auth_digest
   
   <P>The AuthDigestAlgorithm directive selects the algorithm used to calculate
   the challenge and response hashes.
  @@ -335,7 +364,7 @@
   -->
   
   <HR>
  -<H2><A NAME="authdigestdomain">AuthDigestDomain</A></H2>
  +<H2><A NAME="authdigestdomain">AuthDigestDomain</A> directive</H2>
   <A
    HREF="directive-dict.html#Syntax"
    REL="Help"
  @@ -351,15 +380,11 @@
   <A
    HREF="directive-dict.html#Status"
    REL="Help"
  -><STRONG>Status:</STRONG></A> Base<BR>
  +><STRONG>Status:</STRONG></A> Experimental<BR>
   <A
    HREF="directive-dict.html#Module"
  - REL="Help"
  -><STRONG>Module:</STRONG></A> mod_auth_digest<BR>
  -<A
  - HREF="directive-dict.html#Compatibility"
    REL="Help"
  -><STRONG>Compatibility:</STRONG></A> Available in Apache 1.3.8 and
later
  +><STRONG>Module:</STRONG></A> mod_auth_digest
   
   <P>The AuthDigestDomain directive allows you to specify one or more URIs
   which are in the same protection space (i.e. use the same realm and
  @@ -378,37 +403,6 @@
   clients (which understand this) will then share username/password info
   across multiple servers without prompting the user each time.
   
  -
  -<HR>
  -
  -<H3><A NAME="usingdigest">Using Digest Authentication</A></H3>
  -
  -<P>Using MD5 Digest authentication is very simple. Simply set up
  -authentication normally, using "AuthType Digest" and "AuthDigestFile"
  -instead of the normal "AuthType Basic" and "AuthUserFile"; also,
  -replace any "AuthGroupFile" with "AuthDigestGroupFile". Then add a
  -"AuthDigestDomain" directive containing at least the root URI(s) for
  -this protection space. Example:
  -
  -<PRE>
  -  &lt;Location /private/&gt;
  -  AuthType Digest
  -  AuthName "private area"
  -  AuthDigestDomain /private/ http://mirror.my.dom/private2/
  -  AuthDigestFile /web/auth/.digest_pw
  -  Require valid-user
  -  &lt;/Location&gt;
  -</PRE>
  -
  -<P><strong>Note:</strong> MD5 authentication provides a more secure
  -password system than Basic authentication, but only works with supporting
  -browsers. As of this writing (July 1999), the only major browsers which
  -support digest authentication are <A
  -HREF="http://www.microsoft.com/windows/ie/">Internet Explorer 5.0</A> and
  -<A HREF="http://www.w3.org/Amaya/">Amaya</A>. Therefore, we do not
  -recommend using this feature on a large Internet site. However, for
  -personal and intra-net use, where browser users can be controlled, it is
  -ideal.
   
   <!--#include virtual="footer.html" -->
   </BODY>
  
  
  
  1.37      +1 -1      httpd-docs-2.0/htdocs/manual/mod/index.html
  
  Index: index.html
  ===================================================================
  RCS file: /home/cvs/httpd-docs-2.0/htdocs/manual/mod/index.html,v
  retrieving revision 1.36
  retrieving revision 1.37
  diff -u -r1.36 -r1.37
  --- index.html	2000/09/25 21:50:07	1.36
  +++ index.html	2000/09/25 23:59:28	1.37
  @@ -39,7 +39,7 @@
   <DT><A HREF="mod_auth.html">mod_auth</A>
   <DD>User authentication using text files.
   <DT><A HREF="mod_auth_anon.html">mod_auth_anon</A>
  -<DD>Anonymous user authentication, FTP-style.
  +<DD>Anonymous user access to authenticated areas. 
   <DT><A HREF="mod_auth_db.html">mod_auth_db</A>
   <DD>User authentication using Berkeley DB files.
   <DT><A HREF="mod_auth_dbm.html">mod_auth_dbm</A>
  
  
  
  1.5       +1 -1      httpd-docs-2.0/htdocs/manual/mod/index-bytype.html
  
  Index: index-bytype.html
  ===================================================================
  RCS file: /home/cvs/httpd-docs-2.0/htdocs/manual/mod/index-bytype.html,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- index-bytype.html	2000/09/25 21:50:07	1.4
  +++ index-bytype.html	2000/09/25 23:59:28	1.5
  @@ -91,7 +91,7 @@
   <DT><A HREF="mod_auth_db.html">mod_auth_db</A>
   <DD>User authentication using Berkeley DB files.
   <DT><A HREF="mod_auth_anon.html">mod_auth_anon</A>
  -<DD>Anonymous user authentication, FTP-style.
  +<DD>Anonymous user access to authenticated areas. 
   <DT><A HREF="mod_auth_digest.html">mod_auth_digest</A>
   <DD>MD5 authentication
   <DT><A HREF="mod_digest.html">mod_digest</A>
  
  
  

Mime
View raw message