mirror of
https://github.com/apache/httpd.git
synced 2025-08-01 16:41:19 +00:00
b2fc01f612
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1587031 13f79535-47bb-0310-9956-ffa450edef68
113 lines
4.1 KiB
XML
113 lines
4.1 KiB
XML
<?xml version="1.0"?>
|
|
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
|
|
<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
|
|
<!-- $LastChangedRevision$ -->
|
|
|
|
<!--
|
|
Licensed to the Apache Software Foundation (ASF) under one or more
|
|
contributor license agreements. See the NOTICE file distributed with
|
|
this work for additional information regarding copyright ownership.
|
|
The ASF licenses this file to You under the Apache License, Version 2.0
|
|
(the "License"); you may not use this file except in compliance with
|
|
the License. You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
-->
|
|
|
|
<modulesynopsis metafile="mod_authz_groupfile.xml.meta">
|
|
|
|
<name>mod_authz_groupfile</name>
|
|
<description>Group authorization using plaintext files</description>
|
|
<status>Base</status>
|
|
<sourcefile>mod_authz_groupfile.c</sourcefile>
|
|
<identifier>authz_groupfile_module</identifier>
|
|
<compatibility>Available in Apache 2.1 and later</compatibility>
|
|
|
|
<summary>
|
|
<p>This module provides authorization capabilities so that
|
|
authenticated users can be allowed or denied access to portions
|
|
of the web site by group membership. Similar functionality is
|
|
provided by <module>mod_authz_dbm</module>.</p>
|
|
</summary>
|
|
|
|
<seealso><directive module="mod_authz_core">Require</directive></seealso>
|
|
|
|
<section id="requiredirectives"><title>The Require Directives</title>
|
|
|
|
<p>Apache's <directive module="mod_authz_core">Require</directive>
|
|
directives are used during the authorization phase to ensure that
|
|
a user is allowed to access a resource. mod_authz_groupfile extends the
|
|
authorization types with <code>group</code> and <code>group-file</code>.
|
|
</p>
|
|
|
|
<p>Since v2.4.8, <a href="../expr.html">expressions</a> are supported
|
|
within the groupfile require directives.</p>
|
|
|
|
<section id="reqgroup"><title>Require group</title>
|
|
|
|
<p>This directive specifies group membership that is required for the
|
|
user to gain access.</p>
|
|
|
|
<highlight language="config">
|
|
Require group admin
|
|
</highlight>
|
|
|
|
</section>
|
|
|
|
<section id="reqfilegroup"><title>Require file-group</title>
|
|
|
|
<p>When this directive is specified, the user must be a member of the group
|
|
assigned to the file being accessed.</p>
|
|
|
|
<highlight language="config">
|
|
Require file-group
|
|
</highlight>
|
|
|
|
</section>
|
|
|
|
</section>
|
|
|
|
<directivesynopsis>
|
|
<name>AuthGroupFile</name>
|
|
<description>Sets the name of a text file containing the list
|
|
of user groups for authorization</description>
|
|
<syntax>AuthGroupFile <var>file-path</var></syntax>
|
|
<contextlist><context>directory</context><context>.htaccess</context>
|
|
</contextlist>
|
|
<override>AuthConfig</override>
|
|
|
|
<usage>
|
|
<p>The <directive>AuthGroupFile</directive> directive sets the
|
|
name of a textual file containing the list of user groups for user
|
|
authorization. <var>File-path</var> is the path to the group
|
|
file. If it is not absolute, it is treated as relative to the <directive
|
|
module="core">ServerRoot</directive>.</p>
|
|
|
|
<p>Each line of the group file contains a groupname followed by a
|
|
colon, followed by the member usernames separated by spaces.</p>
|
|
|
|
<example><title>Example:</title>
|
|
mygroup: bob joe anne
|
|
</example>
|
|
|
|
<p>Note that searching large text files is <em>very</em>
|
|
inefficient; <directive module="mod_authz_dbm"
|
|
>AuthDBMGroupFile</directive> provides a much better performance.</p>
|
|
|
|
<note type="warning"><title>Security</title>
|
|
<p>Make sure that the <directive>AuthGroupFile</directive> is
|
|
stored outside the document tree of the web-server; do <em>not</em>
|
|
put it in the directory that it protects. Otherwise, clients may
|
|
be able to download the <directive>AuthGroupFile</directive>.</p>
|
|
</note>
|
|
</usage>
|
|
</directivesynopsis>
|
|
|
|
</modulesynopsis>
|