Apache Module mod_auth_anon

Available Languages: en

+ + + + +

Description:	Allows "anonymous" user access to authenticated +areas
Status:	Extension
Module Identifier:	auth_anon_module
Source File:	mod_auth_anon.c
Compatibility:	Available only in versions prior to 2.1

Summary

+ +

This module does access control in a manner similar to + anonymous-ftp sites; i.e. have a 'magic' user id + 'anonymous' and the email address as a password. These email + addresses can be logged.

+ +

Combined with other (database) access control methods, this + allows for effective user tracking and customization according + to a user profile while still keeping the site open for + 'unregistered' users. One advantage of using Auth-based user + tracking is that, unlike magic-cookies and funny URL + pre/postfixes, it is completely browser independent and it + allows users to share URLs.

Topics

Example

Example

+ +

The example below (when combined with the Auth directives of a + htpasswd-file based (or GDM, mSQL etc.) base access + control system allows users in as 'guests' with the following + properties:

+ +

It insists that the user enters a userID. + (Anonymous_NoUserID)
It insists that the user enters a password. + (Anonymous_MustGiveEmail)
The password entered must be a valid email address, ie. + contain at least one '@' and a '.'. + (Anonymous_VerifyEmail)
The userID must be one of anonymous guest www test + welcome and comparison is not case + sensitive. (Anonymous)
And the Email addresses entered in the passwd field are + logged to the error log file. + (Anonymous_LogEmail)

+ +

Excerpt of httpd.conf:

+ Anonymous_NoUserID off + Anonymous_MustGiveEmail on + Anonymous_VerifyEmail on + Anonymous_LogEmail on + Anonymous anonymous guest www test welcome + + AuthName "Use 'anonymous' & Email address for guest entry" + AuthType basic + + # An + AuthUserFile/AuthDBUserFile/AuthDBMUserFile + # directive must be specified, or use + # Anonymous_Authoritative for public access. + # In the .htaccess for the public directory, add: + <Files *> + + Order Deny,Allow + Allow from all + + Require valid-user + + </Files> +

Anonymous Directive

+ + + + + + + +

Description:	Specifies userIDs that are allowed access without +password verification
Syntax:	`Anonymous user [user] ...`
Context:	directory, .htaccess
Override:	AuthConfig
Status:	Extension
Module:	mod_auth_anon

A list of one or more 'magic' userIDs which are allowed + access without password verification. The userIDs are space + separated. It is possible to use the ' and " quotes to allow a + space in a userID as well as the \ escape character.

+ +

Please note that the comparison is + case-IN-sensitive.
+ I strongly suggest that the magic username + 'anonymous' is always one of the allowed + userIDs.

+ +

Example:

+ Anonymous anonymous "Not Registered" "I don't know" +

+ +

This would allow the user to enter without password + verification by using the userIDs "anonymous", + "AnonyMous", "Not Registered" and "I Don't Know".

+ +

Anonymous_Authoritative Directive

+ + + + + + + + +

Description:	Configures if authorization will fall-through +to other methods
Syntax:	`Anonymous_Authoritative On\|Off`
Default:	`Anonymous_Authoritative Off`
Context:	directory, .htaccess
Override:	AuthConfig
Status:	Extension
Module:	mod_auth_anon

When set On, there is no fall-through to other + authentication methods. So if a userID does not match the values + specified in the Anonymous + directive, access is denied.

+ +

Be sure you know what you are doing when you decide to + switch it on. And remember that the order in which the Authentication + modules are queried is defined in the modules.c files at compile + time.

+ +

Anonymous_LogEmail Directive

+ + + + + + + + +

Description:	Sets whether the password entered will be logged in the +error log
Syntax:	`Anonymous_LogEmail On\|Off`
Default:	`Anonymous_LogEmail On`
Context:	directory, .htaccess
Override:	AuthConfig
Status:	Extension
Module:	mod_auth_anon

When set On, the default, the 'password' entered + (which hopefully contains a sensible email address) is logged in + the error log.

+ +

Anonymous_MustGiveEmail Directive

+ + + + + + + + +

Description:	Specifies whether blank passwords are allowed
Syntax:	`Anonymous_MustGiveEmail On\|Off`
Default:	`Anonymous_MustGiveEmail On`
Context:	directory, .htaccess
Override:	AuthConfig
Status:	Extension
Module:	mod_auth_anon

Specifies whether the user must specify an email address as + the password. This prohibits blank passwords.

+ +

Anonymous_NoUserID Directive

+ + + + + + + + +

Description:	Sets whether the userID field may be empty
Syntax:	`Anonymous_NoUserID On\|Off`
Default:	`Anonymous_NoUserID Off`
Context:	directory, .htaccess
Override:	AuthConfig
Status:	Extension
Module:	mod_auth_anon

When set On, users can leave the userID (and + perhaps the password field) empty. This can be very convenient for + MS-Explorer users who can just hit return or click directly on the + OK button; which seems a natural reaction.

+ +

Anonymous_VerifyEmail Directive

+ + + + + + + + +

Description:	Sets whether to check the password field for a correctly +formatted email address
Syntax:	`Anonymous_VerifyEmail On\|Off`
Default:	`Anonymous_VerifyEmail Off`
Context:	directory, .htaccess
Override:	AuthConfig
Status:	Extension
Module:	mod_auth_anon

When set On the 'password' entered is checked for + at least one '@' and a '.' to encourage users to enter valid email + addresses (see the above Anonymous_LogEmail).

+ +