2.4.x/docs/manual/mod/mod_authn_dbm.xml - httpd - Git at Google

 <?xml version="1.0"?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
 <!-- $LastChangedRevision$ -->

 <!--
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
 -->

 <modulesynopsis metafile="mod_authn_dbm.xml.meta">

 <name>mod_authn_dbm</name>
 <description>User authentication using DBM files</description>
 <status>Extension</status>
 <sourcefile>mod_authn_dbm.c</sourcefile>
 <identifier>authn_dbm_module</identifier>
 <compatibility>Available in Apache 2.1 and later</compatibility>

 <summary>
     <p>This module provides authentication front-ends such as
     <module>mod_auth_digest</module> and <module>mod_auth_basic</module>
     to authenticate users by looking up users in <dfn>dbm</dfn> password
     files. Similar functionality is provided by
     <module>mod_authn_file</module>.</p>

     <p>When using <module>mod_auth_basic</module> or
     <module>mod_auth_digest</module>, this module is invoked via the
     <directive module="mod_auth_basic">AuthBasicProvider</directive> or
     <directive module="mod_auth_digest">AuthDigestProvider</directive>
     with the <code>dbm</code> value.</p>
 </summary>

 <seealso><directive module="mod_authn_core">AuthName</directive></seealso>
 <seealso><directive module="mod_authn_core">AuthType</directive></seealso>
 <seealso>
   <directive module="mod_auth_basic">AuthBasicProvider</directive>
 </seealso>
 <seealso>
   <directive module="mod_auth_digest">AuthDigestProvider</directive>
 </seealso>
 <seealso><program>htpasswd</program></seealso>
 <seealso><program>htdbm</program></seealso>
 <seealso><a href="../misc/password_encryptions.html">Password Formats</a></seealso>

 <directivesynopsis>
 <name>AuthDBMUserFile</name>
 <description>Sets the name of a database file containing the list of users and
 passwords for authentication</description>
 <syntax>AuthDBMUserFile <var>file-path</var></syntax>
 <contextlist><context>directory</context><context>.htaccess</context>
 </contextlist>
 <override>AuthConfig</override>

 <usage>
     <p>The <directive>AuthDBMUserFile</directive> directive sets the
     name of a DBM file containing the list of users and passwords for
     user authentication. <var>File-path</var> is the absolute path to
     the user file.</p>

     <p>The user file is keyed on the username. The value for a user is
     the encrypted password, optionally followed by a colon and arbitrary
     data. The colon and the data following it will be ignored by the
     server.</p>

     <note type="warning"><title>Security:</title>
       <p>Make sure that the <directive>AuthDBMUserFile</directive> is stored
       outside the document tree of the web-server; do <em>not</em> put it in
       the directory that it protects. Otherwise, clients will be able to
       download the <directive>AuthDBMUserFile</directive>.</p>
     </note>

     <p>The encrypted password format depends on which authentication
     frontend (e.g. <module>mod_auth_basic</module> or
     <module>mod_auth_digest</module>) is being used.  See <a
     href="../misc/password_encryptions.html">Password Formats</a> for
     more information.</p>

     <p>Important compatibility note: The implementation of
     <code>dbmopen</code> in the Apache modules reads the string length of
     the hashed values from the DBM data structures, rather than relying
     upon the string being NULL-appended. Some applications, such as
     the Netscape web server, rely upon the string being
     NULL-appended, so if you are having trouble using DBM files
     interchangeably between applications this may be a part of the
     problem.</p>

     <p>A perl script called
     <program>dbmmanage</program> is included with
     Apache. This program can be used to create and update DBM
     format password files for use with this module. Another
     tool for maintaining the DBM files is the included program
     <program>htdbm</program>.</p>
 </usage>
 </directivesynopsis>

 <directivesynopsis>
 <name>AuthDBMType</name>
 <description>Sets the type of database file that is used to
 store passwords</description>
 <syntax>AuthDBMType default|SDBM|GDBM|NDBM|DB</syntax>
 <default>AuthDBMType default</default>
 <contextlist><context>directory</context><context>.htaccess</context>
 </contextlist>
 <override>AuthConfig</override>

 <usage>
     <p>Sets the type of database file that is used to store the passwords.
     The default database type is determined at compile time. The
     availability of other types of database files also depends on
     <a href="../programs/configure.html#options">compile-time settings</a>.</p>

     <p>For example, in order to enable the support for Berkeley DB
     (correspondent to the <code>db</code> type) the
     <code>--with-berkeley-db</code> option needs to be added to httpd's
     configure to generate the necessary DSO.</p>

     <p>It is crucial that whatever program you use to create your password
     files is configured to use the same type of database.</p>
 </usage>
 </directivesynopsis>

 </modulesynopsis>
	<?xml version="1.0"?>
	<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
	<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
	<!-- $LastChangedRevision$ -->

	<!--
	Licensed to the Apache Software Foundation (ASF) under one or more
	contributor license agreements. See the NOTICE file distributed with
	this work for additional information regarding copyright ownership.
	The ASF licenses this file to You under the Apache License, Version 2.0
	(the "License"); you may not use this file except in compliance with
	the License. You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

	Unless required by applicable law or agreed to in writing, software
	distributed under the License is distributed on an "AS IS" BASIS,
	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	See the License for the specific language governing permissions and
	limitations under the License.
	-->

	<modulesynopsis metafile="mod_authn_dbm.xml.meta">

	<name>mod_authn_dbm</name>
	<description>User authentication using DBM files</description>
	<status>Extension</status>
	<sourcefile>mod_authn_dbm.c</sourcefile>
	<identifier>authn_dbm_module</identifier>
	<compatibility>Available in Apache 2.1 and later</compatibility>

	<summary>
	<p>This module provides authentication front-ends such as
	<module>mod_auth_digest</module> and <module>mod_auth_basic</module>
	to authenticate users by looking up users in <dfn>dbm</dfn> password
	files. Similar functionality is provided by
	<module>mod_authn_file</module>.</p>

	<p>When using <module>mod_auth_basic</module> or
	<module>mod_auth_digest</module>, this module is invoked via the
	<directive module="mod_auth_basic">AuthBasicProvider</directive> or
	<directive module="mod_auth_digest">AuthDigestProvider</directive>
	with the <code>dbm</code> value.</p>
	</summary>

	<seealso><directive module="mod_authn_core">AuthName</directive></seealso>
	<seealso><directive module="mod_authn_core">AuthType</directive></seealso>
	<seealso>
	<directive module="mod_auth_basic">AuthBasicProvider</directive>
	</seealso>
	<seealso>
	<directive module="mod_auth_digest">AuthDigestProvider</directive>
	</seealso>
	<seealso><program>htpasswd</program></seealso>
	<seealso><program>htdbm</program></seealso>
	<seealso><a href="../misc/password_encryptions.html">Password Formats</a></seealso>

	<directivesynopsis>
	<name>AuthDBMUserFile</name>
	<description>Sets the name of a database file containing the list of users and
	passwords for authentication</description>
	<syntax>AuthDBMUserFile <var>file-path</var></syntax>
	<contextlist><context>directory</context><context>.htaccess</context>
	</contextlist>
	<override>AuthConfig</override>

	<usage>
	<p>The <directive>AuthDBMUserFile</directive> directive sets the
	name of a DBM file containing the list of users and passwords for
	user authentication. <var>File-path</var> is the absolute path to
	the user file.</p>

	<p>The user file is keyed on the username. The value for a user is
	the encrypted password, optionally followed by a colon and arbitrary
	data. The colon and the data following it will be ignored by the
	server.</p>

	<note type="warning"><title>Security:</title>
	<p>Make sure that the <directive>AuthDBMUserFile</directive> is stored
	outside the document tree of the web-server; do <em>not</em> put it in
	the directory that it protects. Otherwise, clients will be able to
	download the <directive>AuthDBMUserFile</directive>.</p>
	</note>

	<p>The encrypted password format depends on which authentication
	frontend (e.g. <module>mod_auth_basic</module> or
	<module>mod_auth_digest</module>) is being used. See <a
	href="../misc/password_encryptions.html">Password Formats</a> for
	more information.</p>

	<p>Important compatibility note: The implementation of
	<code>dbmopen</code> in the Apache modules reads the string length of
	the hashed values from the DBM data structures, rather than relying
	upon the string being NULL-appended. Some applications, such as
	the Netscape web server, rely upon the string being
	NULL-appended, so if you are having trouble using DBM files
	interchangeably between applications this may be a part of the
	problem.</p>

	<p>A perl script called
	<program>dbmmanage</program> is included with
	Apache. This program can be used to create and update DBM
	format password files for use with this module. Another
	tool for maintaining the DBM files is the included program
	<program>htdbm</program>.</p>
	</usage>
	</directivesynopsis>

	<directivesynopsis>
	<name>AuthDBMType</name>
	<description>Sets the type of database file that is used to
	store passwords</description>
	<syntax>AuthDBMType default\|SDBM\|GDBM\|NDBM\|DB</syntax>
	<default>AuthDBMType default</default>
	<contextlist><context>directory</context><context>.htaccess</context>
	</contextlist>
	<override>AuthConfig</override>

	<usage>
	<p>Sets the type of database file that is used to store the passwords.
	The default database type is determined at compile time. The
	availability of other types of database files also depends on
	<a href="../programs/configure.html#options">compile-time settings</a>.</p>

	<p>For example, in order to enable the support for Berkeley DB
	(correspondent to the <code>db</code> type) the
	<code>--with-berkeley-db</code> option needs to be added to httpd's
	configure to generate the necessary DSO.</p>

	<p>It is crucial that whatever program you use to create your password
	files is configured to use the same type of database.</p>
	</usage>
	</directivesynopsis>

	</modulesynopsis>