| <?xml version="1.0" encoding="ISO-8859-1"?> |
| <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> |
| <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head> |
| <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type" /> |
| <meta content="noindex, nofollow" name="robots" /> |
| <!-- |
| XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX |
| This file is generated from xml source: DO NOT EDIT |
| XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX |
| --> |
| <title>mod_auth_anon - Apache HTTP Server</title> |
| <link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> |
| <link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> |
| <link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> |
| <link href="../images/favicon.ico" rel="shortcut icon" /><link href="http://httpd.apache.org/docs/current/mod/mod_auth_anon.html" rel="canonical" /></head> |
| <body> |
| <div id="page-header"> |
| <p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> |
| <p class="apache">Apache HTTP Server Version 2.0</p> |
| <img alt="" src="../images/feather.gif" /></div> |
| <div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> |
| <div id="path"> |
| <a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Modules</a></div> |
| <div id="page-content"> |
| <div class="retired"><h4>Please note</h4> |
| <p>This document refers to the <strong>2.0</strong> version of Apache httpd, which <strong>is no longer maintained</strong>. Upgrade, and refer to the current version of httpd instead, documented at:</p> |
| <ul><li><a href="http://httpd.apache.org/docs/current/">Current release version of Apache HTTP Server documentation</a></li></ul><p>You may follow <a href="http://httpd.apache.org/docs/current/mod/mod_auth_anon.html">this link</a> to go to the current version of this document.</p></div><div id="preamble"><h1>Apache Module mod_auth_anon</h1> |
| <div class="toplang"> |
| <p><span>Available Languages: </span><a href="../en/mod/mod_auth_anon.html" title="English"> en </a></p> |
| </div> |
| <table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Allows "anonymous" user access to authenticated |
| areas</td></tr> |
| <tr><th><a href="module-dict.html#Status">Status:</a></th><td>Extension</td></tr> |
| <tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:</a></th><td>auth_anon_module</td></tr> |
| <tr><th><a href="module-dict.html#SourceFile">Source File:</a></th><td>mod_auth_anon.c</td></tr> |
| <tr><th><a href="module-dict.html#Compatibility">Compatibility:</a></th><td>Available only in versions prior to 2.1</td></tr></table> |
| <h3>Summary</h3> |
| |
| <p>This module does access control in a manner similar to |
| anonymous-ftp sites; <em>i.e.</em> have a 'magic' user id |
| 'anonymous' and the email address as a password. These email |
| addresses can be logged.</p> |
| |
| <p>Combined with other (database) access control methods, this |
| allows for effective user tracking and customization according |
| to a user profile while still keeping the site open for |
| 'unregistered' users. One advantage of using Auth-based user |
| tracking is that, unlike magic-cookies and funny URL |
| pre/postfixes, it is completely browser independent and it |
| allows users to share URLs.</p> |
| </div> |
| <div id="quickview"><h3 class="directives">Directives</h3> |
| <ul id="toc"> |
| <li><img alt="" src="../images/down.gif" /> <a href="#anonymous">Anonymous</a></li> |
| <li><img alt="" src="../images/down.gif" /> <a href="#anonymous_authoritative">Anonymous_Authoritative</a></li> |
| <li><img alt="" src="../images/down.gif" /> <a href="#anonymous_logemail">Anonymous_LogEmail</a></li> |
| <li><img alt="" src="../images/down.gif" /> <a href="#anonymous_mustgiveemail">Anonymous_MustGiveEmail</a></li> |
| <li><img alt="" src="../images/down.gif" /> <a href="#anonymous_nouserid">Anonymous_NoUserID</a></li> |
| <li><img alt="" src="../images/down.gif" /> <a href="#anonymous_verifyemail">Anonymous_VerifyEmail</a></li> |
| </ul> |
| <h3>Topics</h3> |
| <ul id="topics"> |
| <li><img alt="" src="../images/down.gif" /> <a href="#example">Example</a></li> |
| </ul></div> |
| <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> |
| <div class="section"> |
| <h2><a name="example" id="example">Example</a></h2> |
| |
| <p>The example below (when combined with the Auth directives of a |
| htpasswd-file based (or GDM, mSQL etc.) base access |
| control system allows users in as 'guests' with the following |
| properties:</p> |
| |
| <ul> |
| <li>It insists that the user enters a userID. |
| (<code>Anonymous_NoUserID</code>)</li> |
| |
| <li>It insists that the user enters a password. |
| (<code>Anonymous_MustGiveEmail</code>)</li> |
| |
| <li>The password entered must be a valid email address, ie. |
| contain at least one '@' and a '.'. |
| (<code>Anonymous_VerifyEmail</code>)</li> |
| |
| <li>The userID must be one of <code>anonymous guest www test |
| welcome</code> and comparison is <strong>not</strong> case |
| sensitive. (<code>Anonymous</code>)</li> |
| |
| <li>And the Email addresses entered in the passwd field are |
| logged to the error log file. |
| (<code>Anonymous_LogEmail</code>)</li> |
| </ul> |
| |
| <div class="example"><h3>Excerpt of httpd.conf:</h3><p><code> |
| Anonymous_NoUserID off<br /> |
| Anonymous_MustGiveEmail on<br /> |
| Anonymous_VerifyEmail on<br /> |
| Anonymous_LogEmail on<br /> |
| Anonymous anonymous guest www test welcome<br /> |
| <br /> |
| AuthName "Use 'anonymous' & Email address for guest entry"<br /> |
| AuthType basic<br /> |
| <br /> |
| # An |
| AuthUserFile/AuthDBUserFile/AuthDBMUserFile<br /> |
| # directive must be specified, or use<br /> |
| # Anonymous_Authoritative for public access.<br /> |
| # In the .htaccess for the public directory, add:<br /> |
| <Files *><br /> |
| <span class="indent"> |
| Order Deny,Allow<br /> |
| Allow from all<br /> |
| <br /> |
| Require valid-user<br /> |
| </span> |
| </Files> |
| </code></p></div> |
| </div> |
| <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> |
| <div class="directive-section"><h2><a name="Anonymous" id="Anonymous">Anonymous</a> <a name="anonymous" id="anonymous">Directive</a></h2> |
| <table class="directive"> |
| <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies userIDs that are allowed access without |
| password verification</td></tr> |
| <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Anonymous <var>user</var> [<var>user</var>] ...</code></td></tr> |
| <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr> |
| <tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr> |
| <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> |
| <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_anon</td></tr> |
| </table> |
| <p>A list of one or more 'magic' userIDs which are allowed |
| access without password verification. The userIDs are space |
| separated. It is possible to use the ' and " quotes to allow a |
| space in a userID as well as the \ escape character.</p> |
| |
| <p>Please note that the comparison is |
| <strong>case-IN-sensitive</strong>.<br /> |
| I strongly suggest that the magic username |
| '<code>anonymous</code>' is always one of the allowed |
| userIDs.</p> |
| |
| <div class="example"><h3>Example:</h3><p><code> |
| Anonymous anonymous "Not Registered" "I don't know" |
| </code></p></div> |
| |
| <p>This would allow the user to enter without password |
| verification by using the userIDs "anonymous", |
| "AnonyMous", "Not Registered" and "I Don't Know".</p> |
| |
| </div> |
| <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> |
| <div class="directive-section"><h2><a name="Anonymous_Authoritative" id="Anonymous_Authoritative">Anonymous_Authoritative</a> <a name="anonymous_authoritative" id="anonymous_authoritative">Directive</a></h2> |
| <table class="directive"> |
| <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Configures if authorization will fall-through |
| to other methods</td></tr> |
| <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Anonymous_Authoritative On|Off</code></td></tr> |
| <tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>Anonymous_Authoritative Off</code></td></tr> |
| <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr> |
| <tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr> |
| <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> |
| <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_anon</td></tr> |
| </table> |
| <p>When set <code>On</code>, there is no fall-through to other |
| authentication methods. So if a userID does not match the values |
| specified in the <code class="directive"><a href="#anonymous">Anonymous</a></code> |
| directive, access is denied.</p> |
| |
| <p>Be sure you know what you are doing when you decide to |
| switch it on. And remember that the order in which the Authentication |
| modules are queried is defined in the modules.c files at compile |
| time.</p> |
| |
| </div> |
| <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> |
| <div class="directive-section"><h2><a name="Anonymous_LogEmail" id="Anonymous_LogEmail">Anonymous_LogEmail</a> <a name="anonymous_logemail" id="anonymous_logemail">Directive</a></h2> |
| <table class="directive"> |
| <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets whether the password entered will be logged in the |
| error log</td></tr> |
| <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Anonymous_LogEmail On|Off</code></td></tr> |
| <tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>Anonymous_LogEmail On</code></td></tr> |
| <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr> |
| <tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr> |
| <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> |
| <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_anon</td></tr> |
| </table> |
| <p>When set <code>On</code>, the default, the 'password' entered |
| (which hopefully contains a sensible email address) is logged in |
| the error log.</p> |
| |
| </div> |
| <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> |
| <div class="directive-section"><h2><a name="Anonymous_MustGiveEmail" id="Anonymous_MustGiveEmail">Anonymous_MustGiveEmail</a> <a name="anonymous_mustgiveemail" id="anonymous_mustgiveemail">Directive</a></h2> |
| <table class="directive"> |
| <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies whether blank passwords are allowed</td></tr> |
| <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Anonymous_MustGiveEmail On|Off</code></td></tr> |
| <tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>Anonymous_MustGiveEmail On</code></td></tr> |
| <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr> |
| <tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr> |
| <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> |
| <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_anon</td></tr> |
| </table> |
| <p>Specifies whether the user must specify an email address as |
| the password. This prohibits blank passwords.</p> |
| |
| </div> |
| <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> |
| <div class="directive-section"><h2><a name="Anonymous_NoUserID" id="Anonymous_NoUserID">Anonymous_NoUserID</a> <a name="anonymous_nouserid" id="anonymous_nouserid">Directive</a></h2> |
| <table class="directive"> |
| <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets whether the userID field may be empty</td></tr> |
| <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Anonymous_NoUserID On|Off</code></td></tr> |
| <tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>Anonymous_NoUserID Off</code></td></tr> |
| <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr> |
| <tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr> |
| <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> |
| <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_anon</td></tr> |
| </table> |
| <p>When set <code>On</code>, users can leave the userID (and |
| perhaps the password field) empty. This can be very convenient for |
| MS-Explorer users who can just hit return or click directly on the |
| OK button; which seems a natural reaction.</p> |
| |
| </div> |
| <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> |
| <div class="directive-section"><h2><a name="Anonymous_VerifyEmail" id="Anonymous_VerifyEmail">Anonymous_VerifyEmail</a> <a name="anonymous_verifyemail" id="anonymous_verifyemail">Directive</a></h2> |
| <table class="directive"> |
| <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets whether to check the password field for a correctly |
| formatted email address</td></tr> |
| <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Anonymous_VerifyEmail On|Off</code></td></tr> |
| <tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>Anonymous_VerifyEmail Off</code></td></tr> |
| <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr> |
| <tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr> |
| <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> |
| <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_anon</td></tr> |
| </table> |
| <p>When set <code>On</code> the 'password' entered is checked for |
| at least one '@' and a '.' to encourage users to enter valid email |
| addresses (see the above <code class="directive"><a href="#anonymous_logemail">Anonymous_LogEmail</a></code>).</p> |
| |
| </div> |
| </div> |
| <div class="bottomlang"> |
| <p><span>Available Languages: </span><a href="../en/mod/mod_auth_anon.html" title="English"> en </a></p> |
| </div><div id="footer"> |
| <p class="apache">Copyright 2013 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> |
| <p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> |
| </body></html> |