docs/manual/mod/mod_autht_core.xml - httpd - Git at Google

 <?xml version="1.0"?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
 <!-- $LastChangedRevision: 1834267 $ -->

 <!--
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
 -->

 <modulesynopsis metafile="mod_autht_core.xml.meta">

 <name>mod_autht_core</name>
 <description>Core Token Handling</description>
 <status>Base</status>
 <sourcefile>mod_autht_core.c</sourcefile>
 <identifier>autht_core_module</identifier>
 <compatibility>Available in Apache 2.5 and later</compatibility>

 <summary>
     <p>This module provides core token handling capabilities to
     allow or deny access to portions of the web site.
     <module>mod_autht_core</module> provides directives that are
     common to all token providers.</p>
 </summary>

 <section id="authtalias"><title>Creating Token Provider Aliases</title>

     <p>Extended token providers can be created within the configuration
     file and assigned an alias name.  The alias providers can then be
     referenced through the
     <directive module="mod_auth_bearer">AuthBearerProvider</directive>
     directive in the same way as a base token provider.  Besides the
     ability to create and alias an extended provider, it also allows
     the same extended token provider to be reference by multiple
     locations.</p>

     <section id="example"><title>Examples</title>

         <p>This example checks for JWT token signatures in two different
         secret files.</p>

         <example><title>Checking multiple sources for JWT tokens</title>
         <highlight language="config">
 # Check here first
 &lt;AuthtProviderAlias jwt jwt1&gt;
     AuthtJwtVerify hs256 file "/www/conf/realm1.secret"
 &lt;/AuthtProviderAlias&gt;

 # Then check here
 &lt;AuthtProviderAlias jwt jwt2&gt;
     AuthtJwtVerify hs256 file "/www/conf/realm2.secret"
 &lt;/AuthtProviderAlias&gt;

 &lt;Directory "/var/web/pages/secure"&gt;
     AuthBearerProvider jwt1 jwt2

     AuthType Basic
     AuthName "Protected Area"
     Require valid-user
 &lt;/Directory&gt;
         </highlight>
         </example>

     </section>

 </section>

 <directivesynopsis type="section">
 <name>AuthtProviderAlias</name>
 <description>Enclose a group of directives that represent an
 extension of a base token provider and referenced by the specified
 alias</description>
 <syntax>&lt;AuthtProviderAlias <var>baseProvider Alias</var>&gt;
 ... &lt;/AuthtProviderAlias&gt;</syntax>
 <contextlist><context>server config</context>
 </contextlist>

 <usage>
     <p><code>&lt;AuthtProviderAlias&gt;</code> and
     <code>&lt;/AuthtProviderAlias&gt;</code> are used to enclose a group of
     authentication directives that can be referenced by the alias name
     using the
     <directive module="mod_auth_bearer">AuthBearerProvider</directive>.</p>

     <note>This directive has no affect on authentication or authorization,
     even for modules that provide both authentication and authorization
     in addition to token handling.</note>
 </usage>
 </directivesynopsis>

 </modulesynopsis>
	<?xml version="1.0"?>
	<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
	<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
	<!-- $LastChangedRevision: 1834267 $ -->

	<!--
	Licensed to the Apache Software Foundation (ASF) under one or more
	contributor license agreements. See the NOTICE file distributed with
	this work for additional information regarding copyright ownership.
	The ASF licenses this file to You under the Apache License, Version 2.0
	(the "License"); you may not use this file except in compliance with
	the License. You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

	Unless required by applicable law or agreed to in writing, software
	distributed under the License is distributed on an "AS IS" BASIS,
	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	See the License for the specific language governing permissions and
	limitations under the License.
	-->

	<modulesynopsis metafile="mod_autht_core.xml.meta">

	<name>mod_autht_core</name>
	<description>Core Token Handling</description>
	<status>Base</status>
	<sourcefile>mod_autht_core.c</sourcefile>
	<identifier>autht_core_module</identifier>
	<compatibility>Available in Apache 2.5 and later</compatibility>

	<summary>
	<p>This module provides core token handling capabilities to
	allow or deny access to portions of the web site.
	<module>mod_autht_core</module> provides directives that are
	common to all token providers.</p>
	</summary>

	<section id="authtalias"><title>Creating Token Provider Aliases</title>

	<p>Extended token providers can be created within the configuration
	file and assigned an alias name. The alias providers can then be
	referenced through the
	<directive module="mod_auth_bearer">AuthBearerProvider</directive>
	directive in the same way as a base token provider. Besides the
	ability to create and alias an extended provider, it also allows
	the same extended token provider to be reference by multiple
	locations.</p>

	<section id="example"><title>Examples</title>

	<p>This example checks for JWT token signatures in two different
	secret files.</p>

	<example><title>Checking multiple sources for JWT tokens</title>
	<highlight language="config">
	# Check here first
	<AuthtProviderAlias jwt jwt1>
	AuthtJwtVerify hs256 file "/www/conf/realm1.secret"
	</AuthtProviderAlias>

	# Then check here
	<AuthtProviderAlias jwt jwt2>
	AuthtJwtVerify hs256 file "/www/conf/realm2.secret"
	</AuthtProviderAlias>

	<Directory "/var/web/pages/secure">
	AuthBearerProvider jwt1 jwt2

	AuthType Basic
	AuthName "Protected Area"
	Require valid-user
	</Directory>
	</highlight>
	</example>

	</section>

	</section>

	<directivesynopsis type="section">
	<name>AuthtProviderAlias</name>
	<description>Enclose a group of directives that represent an
	extension of a base token provider and referenced by the specified
	alias</description>
	<syntax><AuthtProviderAlias <var>baseProvider Alias</var>>
	... </AuthtProviderAlias></syntax>
	<contextlist><context>server config</context>
	</contextlist>

	<usage>
	<p><code><AuthtProviderAlias></code> and
	<code></AuthtProviderAlias></code> are used to enclose a group of
	authentication directives that can be referenced by the alias name
	using the
	<directive module="mod_auth_bearer">AuthBearerProvider</directive>.</p>

	<note>This directive has no affect on authentication or authorization,
	even for modules that provide both authentication and authorization
	in addition to token handling.</note>
	</usage>
	</directivesynopsis>

	</modulesynopsis>