📄 asg10.htm
字号:
<BODY>
<H1>This portion of our site is currently under remodeling,
you can find a mirror of this site
<A HREF="http://www.mirror.com/index.html">here</A></H1>
</BODY>
</HTML></FONT></PRE>
<BR>
<A NAME="E68E113"></A>
<H3 ALIGN=CENTER>
<CENTER>
<FONT SIZE=5 COLOR="#FF0000"><B>The </B><B>mod_auth</B><B> Module</B></FONT></CENTER></H3>
<BR>
<TABLE BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Source:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
mod_auth.c</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Base:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Yes</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Type:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Security/Access Control </FONT>
</TABLE><P>The mod_auth module is built into Apache by default. This module provides user authentication by using text files.
<BR>
<P>User authentication allows you to control access to a document tree on an individual user basis, using user and password lists to provide the necessary authentication verification. When a user requests a restricted resource, the server requires him to log in by specifying a username and a password. If the user supplies the proper information, access is granted to roam across the site without additional login requests. Also, you should be aware that this process is repeated for every document you request (your password and user ID (UID) are sent with every page request, thus your password is sent not once, but many times).
<BR>
<BR>
<A NAME="E69E91"></A>
<H4 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>mod_auth</B><B> Directives</B></FONT></CENTER></H4>
<BR>
<P>mod_auth provides you with the following directives:
<BR>
<UL>
<LI>AuthGroupFile
<BR>
<BR>
<LI>AuthUserFile
<BR>
<BR>
</UL>
<P>These directives allow you to specify the location of your password and group files. Password files that are usable by this module are maintained with the htpasswd program included in the server's support directory. For more information on how to use the htpasswd program, see <A HREF="asg15.htm" tppabs="http://docs.rinet.ru:8080/Apachu/asg15.htm">Chapter 15</A>, "Access Control and User Authentication."
<BR>
<BR>
<A NAME="E70E53"></A>
<H5 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>AuthGroupFile</B></FONT></CENTER></H5>
<BR>
<TABLE BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Syntax:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
AuthGroupFile <I>filename</I></FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Context:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
directory, location, .htaccess</FONT>
</TABLE><P>The AuthGroup directive allows you to specify the location of the group file. <I>filename</I> should be specified with an <I>absolute path</I>—a path beginning with a slash (/)—that is outside of your Web server's DocumentRoot. For security reasons, it is important that <I>filename</I> resides outside of the directory it is trying to protect:
<BR>
<BR>
<PRE>
<FONT COLOR="#000080">AuthGroupFile /usr/local/etc/httpd/passwords/mygroupfile</FONT></PRE>
<P>The group file is an ASCII file with the following format:
<BR>
<PRE>
<FONT COLOR="#000080">groupname: username1 username2 username3...
groupname2: username1, username3
<I>...</I></FONT></PRE>
<P><I>groupname</I> is the name of your group followed by a colon (:) and then followed by a list of valid usernames that appear in the user file. Use your favorite editor to maintain this file.
<BR>
<BLOCKQUOTE>
<BLOCKQUOTE>
<HR ALIGN=CENTER>
<BR>
<NOTE>Use AuthGroupFile to authenticate a large group of users, such as a workgroup. This way, you can easily manage multiple levels of access with just one directive.</NOTE>
<BR>
<HR ALIGN=CENTER>
</BLOCKQUOTE></BLOCKQUOTE>
<BR>
<A NAME="E70E54"></A>
<H5 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>AuthUserFile</B></FONT></CENTER></H5>
<BR>
<TABLE BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Syntax:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
AuthUserFile <I>filename</I></FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Context:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
directory, location, .htaccess</FONT>
</TABLE><P>The AuthUserFile directive allows you to specify the location of the user/password file. <I>filename</I> should be an absolute path outside of DocumentRoot. For security reasons, it is important that <I>filename</I> is outside of the directory it is trying to protect:
<BR>
<BR>
<PRE>
<FONT COLOR="#000080">AuthUserFile /usr/local/etc/httpd/passwords/.htpasswd</FONT></PRE>
<P>The password file is maintained with the htpasswd program. The file format of the password file is similar to the /etc/passwd file: it contains a username followed by a colon (:) and a crypt() encrypted password. For information on how to maintain password files, please see <A HREF="asg15.htm" tppabs="http://docs.rinet.ru:8080/Apachu/asg15.htm">Chapter 15</A>.
<BR>
<BLOCKQUOTE>
<BLOCKQUOTE>
<HR ALIGN=CENTER>
<BR>
<NOTE>Use the DBM authentication module when the number of users is greater than 100. It will speed up things greatly.</NOTE>
<BR>
<HR ALIGN=CENTER>
</BLOCKQUOTE></BLOCKQUOTE>
<BR>
<A NAME="E68E114"></A>
<H3 ALIGN=CENTER>
<CENTER>
<FONT SIZE=5 COLOR="#FF0000"><B>The </B><B>mod_auth_anon</B><B> Module</B></FONT></CENTER></H3>
<BR>
<TABLE BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Source:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
mod_auth_anon.c</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Base:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
No</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Type:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Security/Access Control</FONT>
</TABLE><P>The mod_auth_anon module allows you to have an FTP-style <I>anonymous</I> login. This will allow visitors that are not registered with your site to still gain access, if they provide the appropriate information, typically their e-mail addresses.
<BR>
<BR>
<A NAME="E69E92"></A>
<H4 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B> </B><A NAME="I5"></A><A NAME="I6"></A><A NAME="I7"></A><A NAME="I8"></A><A NAME="I9"></A><B>mod_auth_anon</B><B> </B><B>Directives</B></FONT></CENTER></H4>
<BR>
<UL>
<LI>Anonymous
<BR>
<BR>
<LI>Anonymous_LogEmail
<BR>
<BR>
<LI>Anonymous_VerifyEmail
<BR>
<BR>
<LI>Anonymous_NoUserID
<BR>
<BR>
<LI>Anonymous_Authorative
<BR>
<BR>
</UL>
<BR>
<A NAME="E70E55"></A>
<H5 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>Anonymous</B></FONT></CENTER></H5>
<BR>
<TABLE BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Syntax:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Anonymous <I>login</I> <I>login2...</I></FONT>
</TABLE><P>This directive allows you to specify various acceptable anonymous names. Typical logins include: Anonymous, guest, or visitor. These logins are not case sensitive. Because there's no default, be sure to include Anonymous in the very least.
<BR>
<BR>
<A NAME="E70E56"></A>
<H5 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>Anonymous_MustGiveEmail</B></FONT></CENTER></H5>
<BR>
<TABLE BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Syntax:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Anonymous_MustGiveEmail [on] | [off]</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Default:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Anonymous_MustGiveEmail off</FONT>
</TABLE><P>The Anonymous_MustGiveEmail directive specifies that the password field must not be left empty. Typically users will be required to enter their e-mail address.
<BR>
<BR>
<A NAME="E70E57"></A>
<H5 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>Anonymous_LogEmail</B></FONT></CENTER></H5>
<BR>
<TABLE BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Syntax:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Anonymous_LogEmail [on] | [off]</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Default:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Anonymous_LogEmail on</FONT>
</TABLE><P>The Anonymous_LogEmail directive specifies that the password field should be logged in the server's access log.
<BR>
<BR>
<A NAME="E70E58"></A>
<H5 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>Anonymous_VerifyEmail</B></FONT></CENTER></H5>
<BR>
<TABLE BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Syntax:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Anonymous_VerifyEmail [on] | [off]</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Default:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Anonymous_VerifyEmail off</FONT>
</TABLE><P>The Anonymous_VerifyEmail directive specifies that the password field must contain a valid e-mail address. That is, it will be checked syntactically for resemblance to an e-mail address. It must contain at least one (@ )and a period (.).
<BR>
<BR>
<A NAME="E70E59"></A>
<H5 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>Anonymous_NoUserID</B></FONT></CENTER></H5>
<BR>
<TABLE BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Syntax:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Anonymous_NoUserID [on] | [off]</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Default:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Anonymous_NoUserID off</FONT>
</TABLE><P>The Anonymous_NoUserID directive permits anonymous logins without entering any values in the user or password fields.
<BR>
<BR>
<A NAME="E70E60"></A>
<H5 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>Anonymous_Authorative</B></FONT></CENTER></H5>
<BR>
<TABLE BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Syntax:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Anonymous_Authorative [on] | [off]</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Default:
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Anonymous_Authorative off</FONT>
</TABLE><P>The Anonymous_Authorative directive returns a denies access if the UID entered doesn't match one of the anonymous logins specified by Anonymous. The ultimate order of the modules, by which login information is processed, depends on the linking order of the various authentication modules. Modules that appear later in the src/Configuration file can override those that come earlier in the file.
<BR>
<BR>
<A NAME="E69E93"></A>
<H4 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>mod_auth_anon</B><B> Configuration Example</B></FONT></CENTER></H4>
<BR>
<P>This excerpt, from an access.conf, permits anonymous logins so long as a proper e-mail is entered in the password field.
<BR>
<PRE>
<FONT COLOR="#000080">Anonymous anonymous guest
Anonymous_MustGiveEmail on
Anonymous_VerifyEmail on
Anonymous_NoUserId off
AuthName This resource contains restricted materials.For guest entry use 'anonymous' in the login prompt, and enter you email address as the password.
AuthType basic
<Limit get,post>
order deny,allow
allow from all
require valid-user
</Limit></FONT></PRE>
<BR>
<A NAME="E68E115"></A>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -