Book HomeWebmaster in a Nutshell, 3rd EditionSearch this book

19.4. mod_auth

The mod_auth module provides for user authentication using ordinary text files. Its directives override any core authentication directives given.

AuthAuthoritative

AuthAuthoritative on|off

[Within <Directory>, or .htaccess]

Decides at which level authentication and authorization can be performed. If off is specified, and there is no user ID matching the requester, authentication and authorization are passed to lower-level modules, which allow access to their respective content based on individual settings. The default is on.

AuthGroupFile

AuthGroupFile filename

[Within <Directory>, or .htaccess]

Specifies the user group filename, either as a fully qualified filename or relative to ServerRoot. For example:

AuthGroupFile /WWW/Admin/.htgroup

The format of the file should list on each line a group name, followed by a colon (:), followed by one or more users that belong to that group.

authors: robert stephen val
AuthUserFile

AuthUserFile filename

[Within <Directory>, or .htaccess]

Specifies a file that contains a list of users and passwords for user authentication, either as a fully qualified filename or relative to the ServerRoot. The password file is typically created with the htpasswd support program, which comes with the Apache distribution. It is best to place the password file outside the DocumentRoot for security purposes. For example:

AuthUserFile /etc/admin/.htpasswd


Library Navigation Links

Copyright © 2003 O'Reilly & Associates. All rights reserved.