From e8ec7aa8e38a93f5b034ac74cebce5de23710317 Mon Sep 17 00:00:00 2001 From: hongbotian Date: Mon, 30 Nov 2015 01:45:08 -0500 Subject: upload http JIRA: BOTTLENECK-10 Change-Id: I7598427ff904df438ce77c2819ee48ac75ffa8da Signed-off-by: hongbotian --- .../docs/manual/mod/mod_auth_dbm.html.en | 228 +++++++++++++++++++++ 1 file changed, 228 insertions(+) create mode 100644 rubbos/app/httpd-2.0.64/docs/manual/mod/mod_auth_dbm.html.en (limited to 'rubbos/app/httpd-2.0.64/docs/manual/mod/mod_auth_dbm.html.en') diff --git a/rubbos/app/httpd-2.0.64/docs/manual/mod/mod_auth_dbm.html.en b/rubbos/app/httpd-2.0.64/docs/manual/mod/mod_auth_dbm.html.en new file mode 100644 index 00000000..b1f84790 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/mod/mod_auth_dbm.html.en @@ -0,0 +1,228 @@ + + + +mod_auth_dbm - Apache HTTP Server + + + + + +
+

Modules | Directives | FAQ | Glossary | Sitemap

+

Apache HTTP Server Version 2.0

+
+
<-
+ +
+

Apache Module mod_auth_dbm

+
+

Available Languages:  en 

+
+ + + + +
Description:Provides for user authentication using DBM + files
Status:Extension
Module Identifier:auth_dbm_module
Source File:mod_auth_dbm.c
Compatibility:Available only in versions prior to 2.1
+

Summary

+ +

This module provides for HTTP Basic Authentication, where + the usernames and passwords are stored in DBM type database + files. It is an alternative to the plain text password files + provided by mod_auth.

+
+ + +
top
+

AuthDBMAuthoritative Directive

+ + + + + + + + +
Description:Sets whether authentication and authorization will be +passed on to lower level modules
Syntax:AuthDBMAuthoritative On|Off
Default:AuthDBMAuthoritative On
Context:directory, .htaccess
Override:AuthConfig
Status:Extension
Module:mod_auth_dbm
+

Setting the AuthDBMAuthoritative + directive explicitly to Off allows for both + authentication and authorization to be passed on to lower level + modules (as defined in the modules.c files) if there + is no userID or rule matching the + supplied userID. If there is a userID and/or rule specified; the + usual password and access checks will be applied and a failure will + give an "Authentication Required" reply.

+ +

So if a userID appears in the database of more than one module; + or if a valid Require + directive applies to more than one module; then the first module + will verify the credentials; and no access is passed on; + regardless of the AuthDBMAuthoritative + setting.

+ +

A common use for this is in conjunction with one of the + basic auth modules; such as mod_auth. Whereas this + DBM module supplies the bulk of the user credential checking; a + few (administrator) related accesses fall through to a lower + level with a well protected .htpasswd file.

+ +

By default, control is not passed on and an unknown userID + or rule will result in an "Authentication Required" reply. Not + setting it thus keeps the system secure and forces an NCSA + compliant behaviour.

+ +

Security:

+

Do consider the implications of allowing a user to allow + fall-through in his .htaccess file; and verify that this + is really what you want; Generally it is easier to just secure + a single .htpasswd file, than it is to secure a + database which might have more access interfaces.

+
+ +
+
top
+

AuthDBMGroupFile Directive

+ + + + + + + +
Description:Sets the name of the database file containing the list +of user groups for authentication
Syntax:AuthDBMGroupFile file-path
Context:directory, .htaccess
Override:AuthConfig
Status:Extension
Module:mod_auth_dbm
+

The AuthDBMGroupFile directive sets the + name of a DBM file containing the list of user groups for user + authentication. File-path is the absolute path to the + group file.

+ +

The group file is keyed on the username. The value for a + user is a comma-separated list of the groups to which the users + belongs. There must be no whitespace within the value, and it + must never contain any colons.

+ +

Security: make sure that the + AuthDBMGroupFile is stored outside the + document tree of the web-server; do not put it in the + directory that it protects. Otherwise, clients will be able to + download the AuthDBMGroupFile unless + otherwise protected.

+ +

Combining Group and Password DBM files: In some cases it is + easier to manage a single database which contains both the + password and group details for each user. This simplifies any + support programs that need to be written: they now only have to + deal with writing to and locking a single DBM file. This can be + accomplished by first setting the group and password files to + point to the same DBM:

+ +

+ AuthDBMGroupFile /www/userbase
+ AuthDBMUserFile /www/userbase +

+ +

The key for the single DBM is the username. The value consists + of

+ +

+ Unix Crypt-ed Password:List of Groups[:(ignored)] +

+ +

The password section contains the encrypted password as before. + This is followed by a colon and the comma separated list of groups. + Other data may optionally be left in the DBM file after another colon; + it is ignored by the authentication module. This is what + www.telescope.org uses for its combined password and group database.

+ +
+
top
+

AuthDBMType Directive

+ + + + + + + + + +
Description:Sets the type of database file that is used to +store passwords
Syntax:AuthDBMType default|SDBM|GDBM|NDBM|DB
Default:AuthDBMType default
Context:directory, .htaccess
Override:AuthConfig
Status:Extension
Module:mod_auth_dbm
Compatibility:Available in version 2.0.30 and later.
+

Sets the type of database file that is used to store the passwords. + The default database type is determined at compile time. The + availability of other types of database files also depends on + compile-time settings.

+ +

It is crucial that whatever program you use to create your password + files is configured to use the same type of database.

+ +
+
top
+

AuthDBMUserFile Directive

+ + + + + + + +
Description:Sets thename of a database file containing the list of users and +passwords for authentication
Syntax:AuthDBMUserFile file-path
Context:directory, .htaccess
Override:AuthConfig
Status:Extension
Module:mod_auth_dbm
+

The AuthDBMUserFile directive sets the + name of a DBM file containing the list of users and passwords for + user authentication. File-path is the absolute path to + the user file.

+ +

The user file is keyed on the username. The value for a user is + the encrypted password, optionally followed by a colon and arbitrary + data. The colon and the data following it will be ignored by the + server.

+ +

Security:

+

Make sure that the AuthDBMUserFile is stored + outside the document tree of the web-server; do not put it in + the directory that it protects. Otherwise, clients will be able to + download the AuthDBMUserFile.

+
+ +

Important compatibility note: The implementation of + "dbmopen" in the apache modules reads the string length of the + hashed values from the DBM data structures, rather than relying + upon the string being NULL-appended. Some applications, such as + the Netscape web server, rely upon the string being + NULL-appended, so if you are having trouble using DBM files + interchangeably between applications this may be a part of the + problem.

+ +

A perl script called + dbmmanage is included with + Apache. This program can be used to create and update DBM + format password files for use with this module.

+ +
+
+
+

Available Languages:  en 

+
+ \ No newline at end of file -- cgit 1.2.3-korg