Apache HTTP Server Version 2.3
Available Languages: en
Description: | Core Authentication |
---|---|
Status: | Base |
Module Identifier: | authn_core_module |
Source File: | mod_authn_core.c |
Compatibility: | Available in Apache 2.3 and later |
This module provides core authentication capabilities to
allow or deny access to portions of the web site.
mod_authn_core
provides directives that are
common to all authentication providers.
Extended authentication providers can be created
within the configuration file and assigned an alias name. The alias
providers can then be referenced through the directives
AuthBasicProvider
or
AuthDigestProvider
in
the same way as a base authentication provider. Besides the ability
to create and alias an extended provider, it also allows the same
extended authentication provider to be reference by multiple
locations.
The example below creates two different ldap authentication provider aliases based on the ldap provider. This allows a single authenticated location can be serviced by multiple ldap hosts:
LoadModule authn_alias_module modules/mod_authn_alias.so
<AuthnProviderAlias ldap ldap-alias1>
AuthLDAPBindDN cn=youruser,o=ctx
AuthLDAPBindPassword yourpassword
AuthLDAPURL ldap://ldap.host/o=ctx
</AuthnProviderAlias>
<AuthnProviderAlias ldap ldap-other-alias>
AuthLDAPBindDN cn=yourotheruser,o=dev
AuthLDAPBindPassword yourotherpassword
AuthLDAPURL ldap://other.ldap.host/o=dev?cn
</AuthnProviderAlias>
Alias /secure /webpages/secure
<Directory /webpages/secure>
Order deny,allow
Allow from all
AuthBasicProvider ldap-other-alias ldap-alias1
AuthType Basic
AuthName LDAP_Protected_Place
require valid-user
</Directory>
Description: | Authorization realm for use in HTTP authentication |
---|---|
Syntax: | AuthName auth-domain |
Context: | directory, .htaccess |
Override: | AuthConfig |
Status: | Base |
Module: | mod_authn_core |
This directive sets the name of the authorization realm for a
directory. This realm is given to the client so that the user
knows which username and password to send.
AuthName
takes a single argument; if the
realm name contains spaces, it must be enclosed in quotation
marks. It must be accompanied by AuthType
and Require
directives, and directives such
as AuthUserFile
and
AuthGroupFile
to
work.
For example:
AuthName "Top Secret"
The string provided for the AuthName
is what will
appear in the password dialog provided by most browsers.
Description: | Enclose a group of directives that represent an extension of a base authentication provider and referenced by the specified alias |
---|---|
Syntax: | <AuthnProviderAlias baseProvider Alias>
... </AuthnProviderAlias> |
Context: | server config, virtual host |
Status: | Base |
Module: | mod_authn_core |
<AuthnProviderAlias>
and
</AuthnProviderAlias>
are used to enclose a group of
authentication directives that can be referenced by the alias name
using one of the directives
AuthBasicProvider
or
AuthDigestProvider
.
Description: | Type of user authentication |
---|---|
Syntax: | AuthType Basic|Digest |
Context: | directory, .htaccess |
Override: | AuthConfig |
Status: | Base |
Module: | mod_authn_core |
This directive selects the type of user authentication for a
directory. The authentication types available are
Basic
(implemented by
mod_auth_basic
) and Digest
(implemented by mod_auth_digest
).
To implement authentication, you must also use the AuthName
and Require
directives. In addition, the
server must have an authentication-provider module such as
mod_authn_file
and an authorization module such
as mod_authz_user
.
Available Languages: en