docs/manual/mod/mod_authn_file.xml - httpd - Git at Google

 <?xml version="1.0"?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
 <modulesynopsis>

 <name>mod_authn_file</name>
 <description>User authentication using text files</description>
 <status>Base</status>
 <sourcefile>mod_authn_file.c</sourcefile>
 <identifier>authn_file_module</identifier>
 <compatibility>Available in Apache 2.0.44 and later</compatibility>

 <summary>

     <p>This module provides authentication front-ends such as
     <module>mod_auth_digest</module> and <module>mod_auth_basic</module>
     to authenticate users by looking up users in plain text password files.
     Similar functionality is provided by <module>mod_authn_dbm</module>.</p>

     <p>When using <module>mod_auth_basic</module> or
     <module>mod_auth_digest</module>, this module is invoked via the
     <directive module="mod_auth_basic">AuthBasicProvider</directive> or
     <directive module="mod_auth_digest">AuthDigestProvider</directive>
     with the 'file' value.</p>

 </summary>
 <seealso><directive module="core">AuthName</directive></seealso>
 <seealso><directive module="core">AuthType</directive></seealso>
 <seealso>
   <directive module="mod_auth_basic">AuthBasicProvider</directive>
 </seealso>
 <seealso>
   <directive module="mod_auth_digest">AuthDigestProvider</directive>
 </seealso>

 <directivesynopsis>
 <name>AuthUserFile</name>
 <description>Sets the name of a text file containing the list of users and
 passwords for authentication</description>
 <syntax>AuthUserFile <em>file-path</em></syntax>
 <contextlist>
   <context>directory</context>
   <context>.htaccess</context>
 </contextlist>
 <override>AuthConfig</override>

 <usage>
     <p>The <directive>AuthUserFile</directive> directive sets the name
     of a textual file containing the list of users and passwords for
     user authentication. <em>File-path</em> is the path to the user
     file. If it is not absolute (<em>i.e.</em>, if it doesn't begin
     with a slash), it is treated as relative to the <directive
     module="core">ServerRoot</directive>.</p>

     <p>Each line of the user file contains a username followed by
     a colon, followed by the <code>crypt()</code> encrypted
     password. The behavior of multiple occurrences of the same user is
     undefined.</p>

     <p>The utility <a href="../programs/htpasswd.html">htpasswd</a>
     which is installed as part of the binary distribution, or which
     can be found in <code>src/support</code>, is used to maintain
     this password file. See the <code>man</code> page for more
     details. In short:</p>

     <p>Create a password file 'Filename' with 'username' as the
     initial ID. It will prompt for the password:</p>
     <example>htpasswd -c Filename username</example>

     <p>Add or modify 'username2' in the password file 'Filename':</p>
     <example>htpasswd Filename username2</example>

     <p>Note that searching large text files is <em>very</em>
     inefficient; <directive
     module="mod_authn_dbm">AuthDBMUserFile</directive> should be used
     instead.</p>

     <note><title>Security</title>
     <p>Make sure that the <directive>AuthUserFile</directive> is
 	stored outside the document tree of the web-server; do <em>not</em>
 	put it in the directory that it protects. Otherwise, clients will
 	be able to download the <directive>AuthUserFile</directive>.</p>
     </note>
 </usage>
 </directivesynopsis>

 </modulesynopsis>
	<?xml version="1.0"?>
	<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
	<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
	<modulesynopsis>

	<name>mod_authn_file</name>
	<description>User authentication using text files</description>
	<status>Base</status>
	<sourcefile>mod_authn_file.c</sourcefile>
	<identifier>authn_file_module</identifier>
	<compatibility>Available in Apache 2.0.44 and later</compatibility>

	<summary>

	<p>This module provides authentication front-ends such as
	<module>mod_auth_digest</module> and <module>mod_auth_basic</module>
	to authenticate users by looking up users in plain text password files.
	Similar functionality is provided by <module>mod_authn_dbm</module>.</p>

	<p>When using <module>mod_auth_basic</module> or
	<module>mod_auth_digest</module>, this module is invoked via the
	<directive module="mod_auth_basic">AuthBasicProvider</directive> or
	<directive module="mod_auth_digest">AuthDigestProvider</directive>
	with the 'file' value.</p>

	</summary>
	<seealso><directive module="core">AuthName</directive></seealso>
	<seealso><directive module="core">AuthType</directive></seealso>
	<seealso>
	<directive module="mod_auth_basic">AuthBasicProvider</directive>
	</seealso>
	<seealso>
	<directive module="mod_auth_digest">AuthDigestProvider</directive>
	</seealso>

	<directivesynopsis>
	<name>AuthUserFile</name>
	<description>Sets the name of a text file containing the list of users and
	passwords for authentication</description>
	<syntax>AuthUserFile <em>file-path</em></syntax>
	<contextlist>
	<context>directory</context>
	<context>.htaccess</context>
	</contextlist>
	<override>AuthConfig</override>

	<usage>
	<p>The <directive>AuthUserFile</directive> directive sets the name
	of a textual file containing the list of users and passwords for
	user authentication. <em>File-path</em> is the path to the user
	file. If it is not absolute (<em>i.e.</em>, if it doesn't begin
	with a slash), it is treated as relative to the <directive
	module="core">ServerRoot</directive>.</p>

	<p>Each line of the user file contains a username followed by
	a colon, followed by the <code>crypt()</code> encrypted
	password. The behavior of multiple occurrences of the same user is
	undefined.</p>

	<p>The utility <a href="../programs/htpasswd.html">htpasswd</a>
	which is installed as part of the binary distribution, or which
	can be found in <code>src/support</code>, is used to maintain
	this password file. See the <code>man</code> page for more
	details. In short:</p>

	<p>Create a password file 'Filename' with 'username' as the
	initial ID. It will prompt for the password:</p>
	<example>htpasswd -c Filename username</example>

	<p>Add or modify 'username2' in the password file 'Filename':</p>
	<example>htpasswd Filename username2</example>

	<p>Note that searching large text files is <em>very</em>
	inefficient; <directive
	module="mod_authn_dbm">AuthDBMUserFile</directive> should be used
	instead.</p>

	<note><title>Security</title>
	<p>Make sure that the <directive>AuthUserFile</directive> is
	stored outside the document tree of the web-server; do <em>not</em>
	put it in the directory that it protects. Otherwise, clients will
	be able to download the <directive>AuthUserFile</directive>.</p>
	</note>
	</usage>
	</directivesynopsis>

	</modulesynopsis>