asg07.htm

apache技术手册

<HTML>

<HEAD>

<TITLE>Apache Server Survival Guide asg07.htm </TITLE>

<LINK REL="ToC" HREF="index.htm" tppabs="http://docs.rinet.ru:8080/Apachu/index.htm">

<LINK REL="Index" HREF="htindex.htm" tppabs="http://docs.rinet.ru:8080/Apachu/htindex.htm">

<LINK REL="Next" HREF="asgpt3.htm" tppabs="http://docs.rinet.ru:8080/Apachu/asgpt3.htm">

<LINK REL="Previous" HREF="asg06.htm" tppabs="http://docs.rinet.ru:8080/Apachu/asg06.htm"></HEAD>

<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#800080">
<!--#exec cmd="/www/docs/ssi-bin/restricted_search.ssi"-->





<!--#exec cmd="/www/docs/ssi-bin/inc.ssi"-->






<A NAME="I0"></A>

<H2>Apache Server Survival Guide asg07.htm</H2>

<P ALIGN=LEFT>

<A HREF="asg06.htm" tppabs="http://docs.rinet.ru:8080/Apachu/asg06.htm" TARGET="_self"><IMG SRC="purprev.gif" tppabs="http://docs.rinet.ru:8080/Apachu/purprev.gif" WIDTH = 32 HEIGHT = 32 BORDER = 0 ALT="Previous Page"></A>

<A HREF="index.htm" tppabs="http://docs.rinet.ru:8080/Apachu/index.htm" TARGET="_self"><IMG SRC="purtoc.gif" tppabs="http://docs.rinet.ru:8080/Apachu/purtoc.gif" WIDTH = 32 HEIGHT = 32 BORDER = 0 ALT="TOC"></A>

<A HREF="asgpt3.htm" tppabs="http://docs.rinet.ru:8080/Apachu/asgpt3.htm" TARGET="_self"><IMG SRC="purnext.gif" tppabs="http://docs.rinet.ru:8080/Apachu/purnext.gif" WIDTH = 32 HEIGHT = 32 BORDER = 0 ALT="Next Page"></A>


<HR ALIGN=CENTER>

<P>

<UL>

<UL>

<UL>

<LI>

<A HREF="#E68E51" >mod_auth_cookies_file</A>

<UL>

<LI>

<A HREF="#E69E66" >Directives</A>

<UL>

<LI>

<A HREF="#E70E13" >Cookie_Access</A>

<LI>

<A HREF="#E70E14" >Cookie_AuthFile</A>

<LI>

<A HREF="#E70E15" >Cookie_Authorative</A>

<LI>

<A HREF="#E70E16" >Cookie_MustGive</A>

<LI>

<A HREF="#E70E17" >Cookie_EncryptedCookies</A></UL></UL>

<LI>

<A HREF="#E68E52" >mod_auth_cookies_msql</A>

<UL>

<LI>

<A HREF="#E69E67" >Directives</A>

<UL>

<LI>

<A HREF="#E70E18" >Cookie_Access</A>

<LI>

<A HREF="#E70E19" >Cookie_Authorative</A>

<LI>

<A HREF="#E70E20" >Cookie_MustGive</A>

<LI>

<A HREF="#E70E21" >Cookie_MSQL_table</A>

<LI>

<A HREF="#E70E22" >Cookie_MSQLcookie_namefield</A>

<LI>

<A HREF="#E70E23" >Cookie_MSQLcookie_valuefield</A>

<LI>

<A HREF="#E70E24" >Cookie_MSQLdatabase</A>

<LI>

<A HREF="#E70E25" >Cookie_MSQLhost</A>

<LI>

<A HREF="#E70E26" >Cookie_MSQLuid_field</A>

<LI>

<A HREF="#E70E27" >Cookie_EncryptedCookies</A></UL></UL>

<LI>

<A HREF="#E68E53" >mod_userpath</A>

<UL>

<LI>

<A HREF="#E69E68" >Directive</A>

<UL>

<LI>

<A HREF="#E70E28" >UserPath</A></UL></UL>

<LI>

<A HREF="#E68E54" >mod_cgi_sugid</A>

<UL>

<LI>

<A HREF="#E69E69" >Directives</A>

<UL>

<LI>

<A HREF="#E70E29" >UserID</A>

<LI>

<A HREF="#E70E30" >GroupID</A></UL></UL>

<LI>

<A HREF="#E68E55" >mod_auth_sys</A>

<LI>

<A HREF="#E68E56" >mod_perl and mod_perl_fast</A>

<LI>

<A HREF="#E68E57" >mod_auth_external</A>

<UL>

<LI>

<A HREF="#E69E70" >Directives</A>

<UL>

<LI>

<A HREF="#E70E31" >AddExternalAuth</A>

<LI>

<A HREF="#E70E32" >AuthExternal</A>

<LI>

<A HREF="#E70E33" >AddExternalGroup</A>

<LI>

<A HREF="#E70E34" >ExternalGroup</A></UL></UL>

<LI>

<A HREF="#E68E58" >mod_auth_kerb</A>

<UL>

<LI>

<A HREF="#E69E71" >Directives</A>

<UL>

<LI>

<A HREF="#E70E35" >AuthType</A>

<LI>

<A HREF="#E70E36" >KrbAuthRealm</A>

<LI>

<A HREF="#E70E37" >RedirectHttps</A></UL></UL>

<LI>

<A HREF="#E68E59" >mod_fontxlate</A>

<LI>

<A HREF="#E68E60" >mod_cntr</A>

<LI>

<A HREF="#E68E61" >mod_sucgi</A>

<LI>

<A HREF="#E68E62" >mod_auth_dbi</A>

<UL>

<LI>

<A HREF="#E69E72" >Directives</A>

<UL>

<LI>

<A HREF="#E70E38" >AuthDBIAuth</A>

<LI>

<A HREF="#E70E39" >AuthDBIDB</A>

<LI>

<A HREF="#E70E40" >AuthDBIDriver</A>

<LI>

<A HREF="#E70E41" >AuthDBINameField</A>

<LI>

<A HREF="#E70E42" >AuthDBIPasswordField</A>

<LI>

<A HREF="#E70E43" >AuthDBIUser</A>

<LI>

<A HREF="#E70E44" >AuthDBIUserTable</A></UL></UL>

<LI>

<A HREF="#E68E63" >mod_rewrite</A>

<LI>

<A HREF="#E68E64" >mod_neoinclude</A>

<LI>

<A HREF="#E68E65" >mod_xinclude (XSSI)</A>

<LI>

<A HREF="#E68E66" >mod_php</A>

<LI>

<A HREF="#E68E67" >Summary</A></UL></UL></UL>

<HR ALIGN=CENTER>

<A NAME="E66E7"></A>

<H1 ALIGN=CENTER>

<CENTER>

<FONT SIZE=6 COLOR="#FF0000"><B>7</B></FONT></CENTER></H1>

<BR>

<A NAME="E67E10"></A>

<H2 ALIGN=CENTER>

<CENTER>

<FONT SIZE=6 COLOR="#FF0000"><B>Third-Party Modules</B></FONT></CENTER></H2>

<BR>

<P>There is a wide range of modules developed by third parties for Apache that extend the functionality of the server in some useful way. Following the belief that it is better to reuse and enhance than to recreate, this chapter covers some of the third-party modules registered with the Apache Module Registry. The registry can be found at <A HREF="javascript:if(confirm('http://www.zyzzzyva.com/server/module_registry  \n\nThis file was not retrieved by Teleport Pro, because it is addressed on a domain or path outside the boundaries set for its Starting Address.  \n\nDo you want to open it from the server?'))window.location='http://www.zyzzzyva.com/server/module_registry'" tppabs="http://www.zyzzzyva.com/server/module_registry"> http://www.zyzzzyva.com/server/module_registry</A> (see Figure 7.1).

<BR>

<P><B> <A HREF="javascript:if(confirm('http://docs.rinet.ru:8080/Apachu/07asg01.gif  \n\nThis file was not retrieved by Teleport Pro, because it was redirected to an invalid location.  You should report this problem to the site\'s webmaster.  \n\nDo you want to open it from the server?'))window.location='http://docs.rinet.ru:8080/Apachu/07asg01.gif'" tppabs="http://docs.rinet.ru:8080/Apachu/07asg01.gif">Figure 7.1. The home page of the Apache Module </B><B>Registry.</A></B>

<BR>

<BR>

<A NAME="E68E51"></A>

<H3 ALIGN=CENTER>

<CENTER>

<FONT SIZE=5 COLOR="#FF0000"><B>mod_auth_cookies_file</B></FONT></CENTER></H3>

<BR>



<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Source:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

mod_auth_cookie_file.c

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Author:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Dirk-Willem van Gulik

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Type:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

User authentication/Access control

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Home:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

<A HREF="javascript:if(confirm('http://med.jrc.it/~dirkx/mod_auth_cookie_file.c  \n\nThis file was not retrieved by Teleport Pro, because it is addressed on a domain or path outside the boundaries set for its Starting Address.  \n\nDo you want to open it from the server?'))window.location='http://med.jrc.it/~dirkx/mod_auth_cookie_file.c'" tppabs="http://med.jrc.it/~dirkx/mod_auth_cookie_file.c"> http://med.jrc.it//~dirkx/mod_auth_cookie_file.c</A></FONT>

</TABLE><P>This module is designed to allow transparent authentication to users who have previously registered with your site. Suppose that you want to have visitors register with you before they access your software download area. By collecting information from them and then issuing a persistent cookie, the next time they visit your download area they can forgo the authentication procedure.

<BR>

<P>Cookies are a Netscape extension. The official reference for Netscape cookies can be found at <A HREF="javascript:if(confirm('http://home.netscape.com/newsref/std/cookie_spec.html  \n\nThis file was not retrieved by Teleport Pro, because it is addressed on a domain or path outside the boundaries set for its Starting Address.  \n\nDo you want to open it from the server?'))window.location='http://home.netscape.com/newsref/std/cookie_spec.html'" tppabs="http://home.netscape.com/newsref/std/cookie_spec.html"> http://home.netscape.com/newsref/std/cookie_spec.html</A>.

<BR>

<P>A cookie allows the browser to identify itself every time it makes a request. A cookie is no more than a ticket. When you go to your dry cleaner and give them clothes for cleaning, they give you a ticket. That ticket identifies you as having brought clothes in for cleaning; it associates you with your clothes. You can think of the dry cleaner's ticket as a cookie.

<BR>

<P>There are two types of cookies: persistent and temporary. Persistent cookies get recorded in the visitor's computer for use later. When the browser makes subsequent requests to the same URL, it first checks to see if it has a cookie for it. If it does, the browser includes this information in the HTTP request header where a program in the server (a CGI or a module) can use this information for any purpose it wants. Temporary cookies are only used during the duration of the visit, after which they are discarded.

<BR>

<P>A Netscape persistent cookie is set with an HTTP header like the following:

<BR>

<P>Set-Cookie: <I>Name</I>=<I>value</I>; [Expires=date;] [Path=path;] [Domain=domainname;] [Secure]

<BR>

<P>The Set-Cookie header can be embedded in an HTML document in a META tag, like the following, or from a CGI:

<BR>

<PRE>

<FONT COLOR="#000080">&lt;META HTTP-EQUIV=&quot;Set-Cookie&quot; CONTENT=&quot;Customer=John Doe&quot;; Path=/; Domain=www.domain.com&quot;&gt; </FONT></PRE>

<P>When sent from a CGI, this information must be sent as part of the HTTP header. For more information on how to form a header, please refer to <A HREF="asg05.htm" tppabs="http://docs.rinet.ru:8080/Apachu/asg05.htm">Chapter 5</A>, &quot;CGI (Common Gateway Interface) Programming.&quot;

<BR>

<P><I>Name</I> specifies the name identifier for the cookie.

<BR>

<P><I>value</I> can be any information you want to keep track of.

<BR>

<P>The Expires option sets a date that will be used for expiring the cookie. If not specified, the cookie will expire at the end of the current session, making it a temporary cookie. The format is <I>Wdy</I>, <I>DD-Mon-YY </I><I>HH:MM:SS </I>GMT. <I>Wdy</I> is the day of the week; possible values for <I>Wdy</I> are Mon, Tue, Wed, Thu, Fri, Sat, or Sun. <I>DD</I> is the day of the month; possible values are 01&#150;31. <I>Mon</I> is the month; possible values for it are Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov, or Dec. <I>YY</I> is the last two digits of the year, without the century (1996=96). <I>HH</I> specifies the hour in a 24-hour format. <I>MM</I> specifies the minutes, and <I>SS</I> specifies the seconds. The date should be specified in the Greenwich Mean Time (GMT) time zone. Previously issued cookies can be expired by sending a new cookie with the same name using an expiration date that has already past. Expiration depends on the visitor's clock time, which may be far off from the real time.

<BR>

<P>The Path option specifies the document hierarchy where the cookie is valid. This is typically set to / so that it is valid for all documents in the document hierarchy. The browser uses this information to determine if there are any cookies already stored in the visitor's computer that are associated with <I>path</I>. If there are, the browser returns a Cookie: header along with the cookie <I>Name</I> and <I>value</I><I> </I>along with the request<I>. </I>Multiple cookies matching the path will be sent with semicolons separating them.

<BR>

<P>Domain specifies the Internet domain where the cookie is valid. You can specify a fully qualified domain name such as <I>host.domain.com</I>.

<BR>

<P>When Secure is specified, the cookie will only be sent if the connection is secure by using a Secure Socket Layer (SSL) server, such as Stronghold.

<BR>

<P>The mod_auth_cookies_file module requests a named cookie from the client that contains the authentication information, which gets verified against an htpasswd like database.

<BR>

<BR>

<A NAME="E69E66"></A>

<H4 ALIGN=CENTER>

<CENTER>

<FONT SIZE=4 COLOR="#FF0000"><B>Directives</B></FONT></CENTER></H4>

<BR>

<P>mod_auth_cookie_file provides five directives:

<BR>

<UL>

<LI>Cookie_Access

<BR>

<BR>

<LI>Cookie_AuthFile

<BR>

<BR>

<LI>Cookie_Authorative

<BR>

<BR>

<LI>Cookie_MustGive

<BR>

<BR>

<LI>Cookie_EncryptedCookies

<BR>

<BR>

</UL>

<BR>

<A NAME="E70E13"></A>

<H5 ALIGN=CENTER>

<CENTER>

<FONT SIZE=4 COLOR="#FF0000"><B>Cookie_Access</B></FONT></CENTER></H5>

<BR>



<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Syntax:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Cookie_Access [on]|[off]

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Default:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Cookie_Access off</FONT>

</TABLE><P>This directive sets cookie access authentication.

<BR>

<BR>

<A NAME="E70E14"></A>

<H5 ALIGN=CENTER>

<CENTER>

<FONT SIZE=4 COLOR="#FF0000"><B>Cookie_AuthFile</B></FONT></CENTER></H5>

<BR>



<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Syntax:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Cookie_AuthFile<I> authFile</I>

</FONT>

<TR>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Default:

</FONT>

<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>

Cookie_AuthFile NULL (no file specified)</FONT>

</TABLE><P>The format of the authentication file (authFile) is a list of colon (:)-separated values following this format:

<BR>

<BR>

<PRE>

<FONT COLOR="#000080"><I>userId</I>:<I>name</I>:<I>value</I></FONT></PRE>

<P>where <I>userID</I> is the user's name,<I> </I><I>name</I> is the cookie name, and <I>value</I> is the cookie value.

<BR>

<BR>

<A NAME="E70E15"></A>

<H5 ALIGN=CENTER>