brian 96/11/21 00:39:29
Modified: htdocs/manual/mod mod_auth_dbm.html mod_auth_db.html Log: Added gunk from old "auth_dbm.html" describing some implementation issues. This so we can nuke auth_dbm.html, which really doesn't have a home... also fixed some minor typos. Revision Changes Path 1.2 +39 -5 apache/htdocs/manual/mod/mod_auth_dbm.html Index: mod_auth_dbm.html =================================================================== RCS file: /export/home/cvs/apache/htdocs/manual/mod/mod_auth_dbm.html,v retrieving revision 1.1 retrieving revision 1.2 diff -C3 -r1.1 -r1.2 *** mod_auth_dbm.html 1996/11/21 08:12:42 1.1 --- mod_auth_dbm.html 1996/11/21 08:39:27 1.2 *************** *** 24,30 **** <A name="authdbmgroupfile"><h2>AuthDbmGroupFile</h2></A> <!--%plaintext <?INDEX {\tt AuthDbmGroupFile} directive> --> ! <strong>Syntax:</strong> AuthGroupFile <em>filename</em><br> <Strong>Context:</strong> directory, .htaccess<br> <Strong>Override:</strong> AuthConfig<br> <strong>Status:</strong> Extension<br> --- 24,30 ---- <A name="authdbmgroupfile"><h2>AuthDbmGroupFile</h2></A> <!--%plaintext <?INDEX {\tt AuthDbmGroupFile} directive> --> ! <strong>Syntax:</strong> AuthDBMGroupFile <em>filename</em><br> <Strong>Context:</strong> directory, .htaccess<br> <Strong>Override:</strong> AuthConfig<br> <strong>Status:</strong> Extension<br> *************** *** 41,47 **** Security: make sure that the AuthDBMGroupFile is stored outside the document tree of the webserver; do <em>not</em> put it in the directory that it protects. Otherwise, clients will be able to download the ! AuthDBMGroupFile.<p> See also <A HREF="core.html#authname">AuthName</A>, <A HREF="core.html#authtype">AuthType</A> and --- 41,71 ---- Security: make sure that the AuthDBMGroupFile is stored outside the document tree of the webserver; do <em>not</em> put it in the directory that it protects. Otherwise, clients will be able to download the ! AuthDBMGroupFile unless otherwise protected.<p> ! ! Combining Group and Password DBM files: In some cases it is easier to ! manage a single database which contains both the password and group ! details for each user. This simplifies any support programs that need ! to be written: they now only have to deal with writing to and locking ! a single DBM file. This can be accomplished by first setting the group ! and password files to point to the same DBM:<p> ! ! <blockquote><code> ! AuthDBMGroupFile /www/userbase<br> ! AuthDBMUserFile /www/userbase ! </code></blockquote> ! ! The key for the single DBM is the username. The value consists of <p> ! ! <blockquote><code> ! Unix Crypted Password : List of Groups [ : (ignored) ] ! </code></blockquote> ! ! The password section contains the Unix crypt() password as before. This is ! followed by a colon and the comma separated list of groups. Other data may ! optionally be left in the DBM file after another colon; it is ignored by the ! authentication module. This is what www.telescope.org uses for its combined ! password and group database. <p> See also <A HREF="core.html#authname">AuthName</A>, <A HREF="core.html#authtype">AuthType</A> and *************** *** 58,71 **** The AuthDBMUserFile directive sets the name of a DBM file containing the list of users and passwords for user authentication. <em>Filename</em> is the absolute path to the user file.<p> ! The user file is keyed on the username. The value for a user is the crypt() ! encrypted password, optionally followed by a colon and arbitrary data. ! The colon and the data following it will be ignored by the server.<p> Security: make sure that the AuthDBMUserFile is stored outside the document tree of the webserver; do <em>not</em> put it in the directory that it protects. Otherwise, clients will be able to download the AuthDBMUserFile.<p> See also <A HREF="core.html#authname">AuthName</A>, <A HREF="core.html#authtype">AuthType</A> and --- 82,105 ---- The AuthDBMUserFile directive sets the name of a DBM file containing the list of users and passwords for user authentication. <em>Filename</em> is the absolute path to the user file.<p> ! ! The user file is keyed on the username. The value for a user is the ! crypt() encrypted password, optionally followed by a colon and ! arbitrary data. The colon and the data following it will be ignored ! by the server.<p> Security: make sure that the AuthDBMUserFile is stored outside the document tree of the webserver; do <em>not</em> put it in the directory that it protects. Otherwise, clients will be able to download the AuthDBMUserFile.<p> + + Important compatibility note: The implementation of "dbmopen" in the + apache modules reads the string length of the hashed values from the + DBM data structures, rather than relying upon the string being + NULL-appended. Some applications, such as the Netscape web server, + rely upon the string being NULL-appended, so if you are having trouble + using DBM files interchangeably between applications this may be a + part of the problem. <p> See also <A HREF="core.html#authname">AuthName</A>, <A HREF="core.html#authtype">AuthType</A> and 1.2 +38 -5 apache/htdocs/manual/mod/mod_auth_db.html Index: mod_auth_db.html =================================================================== RCS file: /export/home/cvs/apache/htdocs/manual/mod/mod_auth_db.html,v retrieving revision 1.1 retrieving revision 1.2 diff -C3 -r1.1 -r1.2 *** mod_auth_db.html 1996/11/21 08:12:41 1.1 --- mod_auth_db.html 1996/11/21 08:39:27 1.2 *************** *** 12,18 **** This module is contained in the <code>mod_auth_db.c</code> file, and is not compiled in by default. It provides for user authentication using ! Berkeley DB files. It is an alternative to <A HREF="../auth_dbm.html">DBM</A> files for those systems which support DB and not DBM. It is only available in Apache 1.1 and later. --- 12,18 ---- This module is contained in the <code>mod_auth_db.c</code> file, and is not compiled in by default. It provides for user authentication using ! Berkeley DB files. It is an alternative to <A HREF="mod_auth_dbm.html">DBM</A> files for those systems which support DB and not DBM. It is only available in Apache 1.1 and later. *************** *** 43,49 **** Security: make sure that the AuthDBGroupFile is stored outside the document tree of the webserver; do <em>not</em> put it in the directory that it protects. Otherwise, clients will be able to download the ! AuthDBGroupFile.<p> See also <A HREF="core.html#authname">AuthName</A>, <A HREF="core.html#authtype">AuthType</A> and --- 43,72 ---- Security: make sure that the AuthDBGroupFile is stored outside the document tree of the webserver; do <em>not</em> put it in the directory that it protects. Otherwise, clients will be able to download the ! AuthDBGroupFile unless otherwise protected.<p> ! ! Combining Group and Password DB files: In some cases it is easier to ! manage a single database which contains both the password and group ! details for each user. This simplifies any support programs that need ! to be written: they now only have to deal with writing to and locking ! a single DBM file. This can be accomplished by first setting the group ! and password files to point to the same DB file:<p> ! ! <blockquote><code> ! AuthDBGroupFile /www/userbase<br> ! AuthDBUserFile /www/userbase ! </code></blockquote> ! ! The key for the single DB record is the username. The value consists of <p> ! ! <blockquote><code> ! Unix Crypted Password : List of Groups [ : (ignored) ] ! </code></blockquote> ! ! The password section contains the Unix crypt() password as before. This is ! followed by a colon and the comma separated list of groups. Other data may ! optionally be left in the DB file after another colon; it is ignored by the ! authentication module. <p> See also <A HREF="core.html#authname">AuthName</A>, <A HREF="core.html#authtype">AuthType</A> and *************** *** 60,73 **** The AuthDBUserFile directive sets the name of a DB file containing the list of users and passwords for user authentication. <em>Filename</em> is the absolute path to the user file.<p> ! The user file is keyed on the username. The value for a user is the crypt() ! encrypted password, optionally followed by a colon and arbitrary data. ! The colon and the data following it will be ignored by the server.<p> Security: make sure that the AuthDBUserFile is stored outside the document tree of the webserver; do <em>not</em> put it in the directory that it protects. Otherwise, clients will be able to download the AuthDBUserFile.<p> See also <A HREF="core.html#authname">AuthName</A>, <A HREF="core.html#authtype">AuthType</A> and --- 83,106 ---- The AuthDBUserFile directive sets the name of a DB file containing the list of users and passwords for user authentication. <em>Filename</em> is the absolute path to the user file.<p> ! ! The user file is keyed on the username. The value for a user is the ! crypt() encrypted password, optionally followed by a colon and ! arbitrary data. The colon and the data following it will be ignored ! by the server.<p> Security: make sure that the AuthDBUserFile is stored outside the document tree of the webserver; do <em>not</em> put it in the directory that it protects. Otherwise, clients will be able to download the AuthDBUserFile.<p> + + Important compatibility note: The implementation of "dbmopen" in the + apache modules reads the string length of the hashed values from the + DB data structures, rather than relying upon the string being + NULL-appended. Some applications, such as the Netscape web server, + rely upon the string being NULL-appended, so if you are having trouble + using DB files interchangeably between applications this may be a + part of the problem. <p> See also <A HREF="core.html#authname">AuthName</A>, <A HREF="core.html#authtype">AuthType</A> and