Current Path : /compat/linux/proc/self/root/usr/local/share/doc/apache/mod/ |
FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64 |
Current File : //compat/linux/proc/self/root/usr/local/share/doc/apache/mod/mod_auth_anon.html |
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta name="generator" content="HTML Tidy, see www.w3.org" /> <title>Apache module mod_auth_anon.c</title> </head> <!-- Background white, links blue (unvisited), navy (visited), red (active) --> <body bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#000080" alink="#FF0000"> <div align="CENTER"> <img src="../images/sub.gif" alt="[APACHE DOCUMENTATION]" /> <h3>Apache HTTP Server Version 1.3</h3> <p><small><em>Is this the version you want? For more recent versions, check our <a href="/docs/">documentation index</a>.</em></small></p> </div> <h1 align="CENTER">Module mod_auth_anon</h1> This module allows "anonymous" user access to authenticated areas. <p><a href="module-dict.html#Status" rel="Help"><strong>Status:</strong></a> Extension<br /> <a href="module-dict.html#SourceFile" rel="Help"><strong>Source File:</strong></a> mod_auth_anon.c<br /> <a href="module-dict.html#ModuleIdentifier" rel="Help"><strong>Module Identifier:</strong></a> anon_auth_module<br /> <a href="module-dict.html#Compatibility" rel="Help"><strong>Compatibility:</strong></a> Available in Apache 1.1 and later.</p> <h2>Summary</h2> <p>This module does access control in a manner similar to anonymous-ftp sites; <em>i.e.</em> have a 'magic' user id 'anonymous' and the email address as a password. These email addresses can be logged.</p> <p>Combined with other (database) access control methods, this allows for effective user tracking and customization according to a user profile while still keeping the site open for 'unregistered' users. One advantage of using Auth-based user tracking is that, unlike magic-cookies and funny URL pre/postfixes, it is completely browser independent and it allows users to share URLs.</p> <h2><a id="Directives" name="Directives">Directives</a></h2> <ul> <li><a href="#anonymous">Anonymous</a></li> <li><a href="#Authoritative">Anonymous_Authoritative</a></li> <li><a href="#LogEmail">Anonymous_LogEmail</a></li> <li><a href="#MustGiveEmail">Anonymous_MustGiveEmail</a></li> <li><a href="#NoUserID">Anonymous_NoUserID</a></li> <li><a href="#VerifyEmail">Anonymous_VerifyEmail</a></li> </ul> <h2><a id="Example" name="Example">Example</a></h2> The example below (when combined with the Auth directives of a htpasswd-file based (or GDM, mSQL <em>etc.</em>) base access control system allows users in as 'guests' with the following properties: <ul> <li>It insists that the user enters a userId. (<code>Anonymous_NoUserId</code>)</li> <li>It insists that the user enters a password. (<code>Anonymous_MustGiveEmail</code>)</li> <li>The password entered must be a valid email address, ie. contain at least one '@' and a '.'. (<code>Anonymous_VerifyEmail</code>)</li> <li>The userID must be one of <code>anonymous guest www test welcome</code> and comparison is <strong>not</strong> case sensitive.</li> <li>And the Email addresses entered in the passwd field are logged to the error log file (<code>Anonymous_LogEmail</code>)</li> </ul> <p>Excerpt of httpd.conf:</p> <blockquote> <pre> Anonymous_NoUserId off Anonymous_MustGiveEmail on Anonymous_VerifyEmail on Anonymous_LogEmail on Anonymous anonymous guest www test welcome AuthName "Use 'anonymous' & Email address for guest entry" AuthType basic # An AuthUserFile/AuthDBUserFile/AuthDBMUserFile # directive must be specified, or use # Anonymous_Authoritative for public access. # In the .htaccess for the public directory, add: <Files *> Order Deny,Allow Allow from all Require valid-user </Files> </pre> </blockquote> <hr /> <h2><a id="anonymous" name="anonymous">Anonymous directive</a></h2> <a href="directive-dict.html#Syntax" rel="Help"><strong>Syntax:</strong></a> Anonymous <em>user</em> [<em>user</em>] ...<br /> <a href="directive-dict.html#Default" rel="Help"><strong>Default:</strong></a> none<br /> <a href="directive-dict.html#Context" rel="Help"><strong>Context:</strong></a> directory, .htaccess<br /> <a href="directive-dict.html#Override" rel="Help"><strong>Override:</strong></a> AuthConfig<br /> <a href="directive-dict.html#Status" rel="Help"><strong>Status:</strong></a> Extension<br /> <a href="directive-dict.html#Module" rel="Help"><strong>Module:</strong></a> mod_auth_anon <p>A list of one or more 'magic' userIDs which are allowed access without password verification. The userIDs are space separated. It is possible to use the ' and " quotes to allow a space in a userID as well as the \ escape character.</p> <p>Please note that the comparison is <strong>case-IN-sensitive</strong>.<br /> I strongly suggest that the magic username '<code>anonymous</code>' is always one of the allowed userIDs.</p> <p>Example:<br /> <code>Anonymous anonymous "Not Registered" 'I don\'t know'</code></p> <p>This would allow the user to enter without password verification by using the userId's 'anonymous', 'AnonyMous','Not Registered' and 'I Don't Know'.</p> <hr /> <h2><a id="Authoritative" name="Authoritative">Anonymous_Authoritative directive</a></h2> <a href="directive-dict.html#Syntax" rel="Help"><strong>Syntax:</strong></a> Anonymous_Authoritative on|off<br /> <a href="directive-dict.html#Default" rel="Help"><strong>Default:</strong></a> <code>Anonymous_Authoritative off</code><br /> <a href="directive-dict.html#Context" rel="Help"><strong>Context:</strong></a> directory, .htaccess<br /> <a href="directive-dict.html#Override" rel="Help"><strong>Override:</strong></a> AuthConfig<br /> <a href="directive-dict.html#Status" rel="Help"><strong>Status:</strong></a> Extension<br /> <a href="directive-dict.html#Module" rel="Help"><strong>Module:</strong></a> mod_auth_anon <p>When set 'on', there is no fall-through to other authorization methods. So if a userID does not match the values specified in the <code>Anonymous</code> directive, access is denied.</p> <p>Be sure you know what you are doing when you decide to switch it on. And remember that it is the linking order of the modules (in the Configuration / Make file) which details the order in which the Authorization modules are queried.</p> <hr /> <h2><a id="LogEmail" name="LogEmail">Anonymous_LogEmail directive</a></h2> <a href="directive-dict.html#Syntax" rel="Help"><strong>Syntax:</strong></a> Anonymous_LogEmail on|off<br /> <a href="directive-dict.html#Default" rel="Help"><strong>Default:</strong></a> <code>Anonymous_LogEmail on</code><br /> <a href="directive-dict.html#Context" rel="Help"><strong>Context:</strong></a> directory, .htaccess<br /> <a href="directive-dict.html#Override" rel="Help"><strong>Override:</strong></a> AuthConfig<br /> <a href="directive-dict.html#Status" rel="Help"><strong>Status:</strong></a> Extension<br /> <a href="directive-dict.html#Module" rel="Help"><strong>Module:</strong></a> mod_auth_anon <p>When set 'on', the default, the 'password' entered (which hopefully contains a sensible email address) is logged in the error log. The message is logged at a level of <code>info</code>, and so you must have <a href="core.html#loglevel">LogLevel</a> set to at least <code>info</code> in order to see this message.</p> <p>Log entries will look like the following example:</p> <pre> [Fri Apr 26 14:49:50 2002] [info] [client 192.168.1.105] Anonymous: Passwd <user@example.com> Accepted </pre> <hr /> <h2><a id="MustGiveEmail" name="MustGiveEmail">Anonymous_MustGiveEmail directive</a></h2> <a href="directive-dict.html#Syntax" rel="Help"><strong>Syntax:</strong></a> Anonymous_MustGiveEmail on|off<br /> <a href="directive-dict.html#Default" rel="Help"><strong>Default:</strong></a> <code>Anonymous_MustGiveEmail on</code><br /> <a href="directive-dict.html#Context" rel="Help"><strong>Context:</strong></a> directory, .htaccess<br /> <a href="directive-dict.html#Override" rel="Help"><strong>Override:</strong></a> AuthConfig<br /> <a href="directive-dict.html#Status" rel="Help"><strong>Status:</strong></a> Extension<br /> <a href="directive-dict.html#Module" rel="Help"><strong>Module:</strong></a> mod_auth_anon <p>Specifies whether the user must specify an email address as the password. This prohibits blank passwords.</p> <hr /> <h2><a id="NoUserID" name="NoUserID">Anonymous_NoUserID directive</a></h2> <a href="directive-dict.html#Syntax" rel="Help"><strong>Syntax:</strong></a> Anonymous_NoUserID on|off<br /> <a href="directive-dict.html#Default" rel="Help"><strong>Default:</strong></a> <code>Anonymous_NoUserID off</code><br /> <a href="directive-dict.html#Context" rel="Help"><strong>Context:</strong></a> directory, .htaccess<br /> <a href="directive-dict.html#Override" rel="Help"><strong>Override:</strong></a> AuthConfig<br /> <a href="directive-dict.html#Status" rel="Help"><strong>Status:</strong></a> Extension<br /> <a href="directive-dict.html#Module" rel="Help"><strong>Module:</strong></a> mod_auth_anon <p>When set 'on', users can leave the userID (and perhaps the password field) empty. This can be very convenient for MS-Explorer users who can just hit return or click directly on the OK button; which seems a natural reaction.</p> <hr /> <h2><a id="VerifyEmail" name="VerifyEmail">Anonymous_VerifyEmail directive</a></h2> <a href="directive-dict.html#Syntax" rel="Help"><strong>Syntax:</strong></a> Anonymous_VerifyEmail on|off<br /> <a href="directive-dict.html#Default" rel="Help"><strong>Default:</strong></a> <code>Anonymous_VerifyEmail off</code><br /> <a href="directive-dict.html#Context" rel="Help"><strong>Context:</strong></a> directory, .htaccess<br /> <a href="directive-dict.html#Override" rel="Help"><strong>Override:</strong></a> AuthConfig<br /> <a href="directive-dict.html#Status" rel="Help"><strong>Status:</strong></a> Extension<br /> <a href="directive-dict.html#Module" rel="Help"><strong>Module:</strong></a> mod_auth_anon <p>When set 'on' the 'password' entered is checked for at least one '@' and a '.' to encourage users to enter valid email addresses (see the above <code>Auth_LogEmail</code>). <hr /> <h3 align="CENTER">Apache HTTP Server Version 1.3</h3> <a href="./"><img src="../images/index.gif" alt="Index" /></a> <a href="../"><img src="../images/home.gif" alt="Home" /></a> </p> </body> </html>