| <?xml version="1.0"?> |
| <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd"> |
| <?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?> |
| <!-- $LastChangedRevision$ --> |
| |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one or more |
| contributor license agreements. See the NOTICE file distributed with |
| this work for additional information regarding copyright ownership. |
| The ASF licenses this file to You under the Apache License, Version 2.0 |
| (the "License"); you may not use this file except in compliance with |
| the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| |
| <modulesynopsis metafile="mod_authn_dbm.xml.meta"> |
| |
| <name>mod_authn_dbm</name> |
| <description>User authentication using DBM files</description> |
| <status>Extension</status> |
| <sourcefile>mod_authn_dbm.c</sourcefile> |
| <identifier>authn_dbm_module</identifier> |
| <compatibility>Available in Apache 2.1 and later</compatibility> |
| |
| <summary> |
| <p>This module provides authentication front-ends such as |
| <module>mod_auth_digest</module> and <module>mod_auth_basic</module> |
| to authenticate users by looking up users in <dfn>dbm</dfn> password |
| files. Similar functionality is provided by |
| <module>mod_authn_file</module>.</p> |
| |
| <p>When using <module>mod_auth_basic</module> or |
| <module>mod_auth_digest</module>, this module is invoked via the |
| <directive module="mod_auth_basic">AuthBasicProvider</directive> or |
| <directive module="mod_auth_digest">AuthDigestProvider</directive> |
| with the <code>dbm</code> value.</p> |
| </summary> |
| |
| <seealso><directive module="mod_authn_core">AuthName</directive></seealso> |
| <seealso><directive module="mod_authn_core">AuthType</directive></seealso> |
| <seealso> |
| <directive module="mod_auth_basic">AuthBasicProvider</directive> |
| </seealso> |
| <seealso> |
| <directive module="mod_auth_digest">AuthDigestProvider</directive> |
| </seealso> |
| <seealso><program>htpasswd</program></seealso> |
| <seealso><program>htdbm</program></seealso> |
| <seealso><a href="../misc/password_encryptions.html">Password Formats</a></seealso> |
| |
| <directivesynopsis> |
| <name>AuthDBMUserFile</name> |
| <description>Sets the name of a database file containing the list of users and |
| passwords for authentication</description> |
| <syntax>AuthDBMUserFile <var>file-path</var></syntax> |
| <contextlist><context>directory</context><context>.htaccess</context> |
| </contextlist> |
| <override>AuthConfig</override> |
| |
| <usage> |
| <p>The <directive>AuthDBMUserFile</directive> directive sets the |
| name of a DBM file containing the list of users and passwords for |
| user authentication. <var>File-path</var> is the absolute path to |
| the user file.</p> |
| |
| <p>The user file is keyed on the username. The value for a user is |
| the encrypted password, optionally followed by a colon and arbitrary |
| data. The colon and the data following it will be ignored by the |
| server.</p> |
| |
| <note type="warning"><title>Security:</title> |
| <p>Make sure that the <directive>AuthDBMUserFile</directive> is stored |
| outside the document tree of the web-server; do <em>not</em> put it in |
| the directory that it protects. Otherwise, clients will be able to |
| download the <directive>AuthDBMUserFile</directive>.</p> |
| </note> |
| |
| <p>The encrypted password format depends on which authentication |
| frontend (e.g. <module>mod_auth_basic</module> or |
| <module>mod_auth_digest</module>) is being used. See <a |
| href="../misc/password_encryptions.html">Password Formats</a> for |
| more information.</p> |
| |
| <p>Important compatibility note: The implementation of |
| <code>dbmopen</code> in the Apache modules reads the string length of |
| the hashed values from the DBM data structures, rather than relying |
| upon the string being NULL-appended. Some applications, such as |
| the Netscape web server, rely upon the string being |
| NULL-appended, so if you are having trouble using DBM files |
| interchangeably between applications this may be a part of the |
| problem.</p> |
| |
| <p>A perl script called |
| <program>dbmmanage</program> is included with |
| Apache. This program can be used to create and update DBM |
| format password files for use with this module. Another |
| tool for maintaining the DBM files is the included program |
| <program>htdbm</program>.</p> |
| </usage> |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| <name>AuthDBMType</name> |
| <description>Sets the type of database file that is used to |
| store passwords</description> |
| <syntax>AuthDBMType default|SDBM|GDBM|NDBM|DB</syntax> |
| <default>AuthDBMType default</default> |
| <contextlist><context>directory</context><context>.htaccess</context> |
| </contextlist> |
| <override>AuthConfig</override> |
| |
| <usage> |
| <p>Sets the type of database file that is used to store the passwords. |
| The default database type is determined at compile time. The |
| availability of other types of database files also depends on |
| <a href="../programs/configure.html#options">compile-time settings</a>.</p> |
| |
| <p>For example, in order to enable the support for Berkeley DB |
| (correspondent to the <code>db</code> type) the |
| <code>--with-berkeley-db</code> option needs to be added to httpd's |
| configure to generate the necessary DSO.</p> |
| |
| <p>It is crucial that whatever program you use to create your password |
| files is configured to use the same type of database.</p> |
| </usage> |
| </directivesynopsis> |
| |
| </modulesynopsis> |