You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by Brian Behlendorf <br...@hyperreal.com> on 1996/11/21 09:39:30 UTC
cvs commit: apache/htdocs/manual/mod mod_auth_dbm.html mod_auth_db.html
brian 96/11/21 00:39:29
Modified: htdocs/manual/mod mod_auth_dbm.html mod_auth_db.html
Log:
Added gunk from old "auth_dbm.html" describing some implementation
issues. This so we can nuke auth_dbm.html, which really doesn't have
a home... also fixed some minor typos.
Revision Changes Path
1.2 +39 -5 apache/htdocs/manual/mod/mod_auth_dbm.html
Index: mod_auth_dbm.html
===================================================================
RCS file: /export/home/cvs/apache/htdocs/manual/mod/mod_auth_dbm.html,v
retrieving revision 1.1
retrieving revision 1.2
diff -C3 -r1.1 -r1.2
*** mod_auth_dbm.html 1996/11/21 08:12:42 1.1
--- mod_auth_dbm.html 1996/11/21 08:39:27 1.2
***************
*** 24,30 ****
<A name="authdbmgroupfile"><h2>AuthDbmGroupFile</h2></A>
<!--%plaintext <?INDEX {\tt AuthDbmGroupFile} directive> -->
! <strong>Syntax:</strong> AuthGroupFile <em>filename</em><br>
<Strong>Context:</strong> directory, .htaccess<br>
<Strong>Override:</strong> AuthConfig<br>
<strong>Status:</strong> Extension<br>
--- 24,30 ----
<A name="authdbmgroupfile"><h2>AuthDbmGroupFile</h2></A>
<!--%plaintext <?INDEX {\tt AuthDbmGroupFile} directive> -->
! <strong>Syntax:</strong> AuthDBMGroupFile <em>filename</em><br>
<Strong>Context:</strong> directory, .htaccess<br>
<Strong>Override:</strong> AuthConfig<br>
<strong>Status:</strong> Extension<br>
***************
*** 41,47 ****
Security: make sure that the AuthDBMGroupFile is stored outside the
document tree of the webserver; do <em>not</em> put it in the directory that
it protects. Otherwise, clients will be able to download the
! AuthDBMGroupFile.<p>
See also <A HREF="core.html#authname">AuthName</A>,
<A HREF="core.html#authtype">AuthType</A> and
--- 41,71 ----
Security: make sure that the AuthDBMGroupFile is stored outside the
document tree of the webserver; do <em>not</em> put it in the directory that
it protects. Otherwise, clients will be able to download the
! AuthDBMGroupFile unless otherwise protected.<p>
!
! Combining Group and Password DBM files: In some cases it is easier to
! manage a single database which contains both the password and group
! details for each user. This simplifies any support programs that need
! to be written: they now only have to deal with writing to and locking
! a single DBM file. This can be accomplished by first setting the group
! and password files to point to the same DBM:<p>
!
! <blockquote><code>
! AuthDBMGroupFile /www/userbase<br>
! AuthDBMUserFile /www/userbase
! </code></blockquote>
!
! The key for the single DBM is the username. The value consists of <p>
!
! <blockquote><code>
! Unix Crypted Password : List of Groups [ : (ignored) ]
! </code></blockquote>
!
! The password section contains the Unix crypt() password as before. This is
! followed by a colon and the comma separated list of groups. Other data may
! optionally be left in the DBM file after another colon; it is ignored by the
! authentication module. This is what www.telescope.org uses for its combined
! password and group database. <p>
See also <A HREF="core.html#authname">AuthName</A>,
<A HREF="core.html#authtype">AuthType</A> and
***************
*** 58,71 ****
The AuthDBMUserFile directive sets the name of a DBM file containing the list
of users and passwords for user authentication. <em>Filename</em> is the
absolute path to the user file.<p>
! The user file is keyed on the username. The value for a user is the crypt()
! encrypted password, optionally followed by a colon and arbitrary data.
! The colon and the data following it will be ignored by the server.<p>
Security: make sure that the AuthDBMUserFile is stored outside the
document tree of the webserver; do <em>not</em> put it in the directory that
it protects. Otherwise, clients will be able to download the
AuthDBMUserFile.<p>
See also <A HREF="core.html#authname">AuthName</A>,
<A HREF="core.html#authtype">AuthType</A> and
--- 82,105 ----
The AuthDBMUserFile directive sets the name of a DBM file containing the list
of users and passwords for user authentication. <em>Filename</em> is the
absolute path to the user file.<p>
!
! The user file is keyed on the username. The value for a user is the
! crypt() encrypted password, optionally followed by a colon and
! arbitrary data. The colon and the data following it will be ignored
! by the server.<p>
Security: make sure that the AuthDBMUserFile is stored outside the
document tree of the webserver; do <em>not</em> put it in the directory that
it protects. Otherwise, clients will be able to download the
AuthDBMUserFile.<p>
+
+ Important compatibility note: The implementation of "dbmopen" in the
+ apache modules reads the string length of the hashed values from the
+ DBM data structures, rather than relying upon the string being
+ NULL-appended. Some applications, such as the Netscape web server,
+ rely upon the string being NULL-appended, so if you are having trouble
+ using DBM files interchangeably between applications this may be a
+ part of the problem. <p>
See also <A HREF="core.html#authname">AuthName</A>,
<A HREF="core.html#authtype">AuthType</A> and
1.2 +38 -5 apache/htdocs/manual/mod/mod_auth_db.html
Index: mod_auth_db.html
===================================================================
RCS file: /export/home/cvs/apache/htdocs/manual/mod/mod_auth_db.html,v
retrieving revision 1.1
retrieving revision 1.2
diff -C3 -r1.1 -r1.2
*** mod_auth_db.html 1996/11/21 08:12:41 1.1
--- mod_auth_db.html 1996/11/21 08:39:27 1.2
***************
*** 12,18 ****
This module is contained in the <code>mod_auth_db.c</code> file, and
is not compiled in by default. It provides for user authentication using
! Berkeley DB files. It is an alternative to <A HREF="../auth_dbm.html">DBM</A>
files for those systems which support DB and not DBM. It is only
available in Apache 1.1 and later.
--- 12,18 ----
This module is contained in the <code>mod_auth_db.c</code> file, and
is not compiled in by default. It provides for user authentication using
! Berkeley DB files. It is an alternative to <A HREF="mod_auth_dbm.html">DBM</A>
files for those systems which support DB and not DBM. It is only
available in Apache 1.1 and later.
***************
*** 43,49 ****
Security: make sure that the AuthDBGroupFile is stored outside the
document tree of the webserver; do <em>not</em> put it in the directory that
it protects. Otherwise, clients will be able to download the
! AuthDBGroupFile.<p>
See also <A HREF="core.html#authname">AuthName</A>,
<A HREF="core.html#authtype">AuthType</A> and
--- 43,72 ----
Security: make sure that the AuthDBGroupFile is stored outside the
document tree of the webserver; do <em>not</em> put it in the directory that
it protects. Otherwise, clients will be able to download the
! AuthDBGroupFile unless otherwise protected.<p>
!
! Combining Group and Password DB files: In some cases it is easier to
! manage a single database which contains both the password and group
! details for each user. This simplifies any support programs that need
! to be written: they now only have to deal with writing to and locking
! a single DBM file. This can be accomplished by first setting the group
! and password files to point to the same DB file:<p>
!
! <blockquote><code>
! AuthDBGroupFile /www/userbase<br>
! AuthDBUserFile /www/userbase
! </code></blockquote>
!
! The key for the single DB record is the username. The value consists of <p>
!
! <blockquote><code>
! Unix Crypted Password : List of Groups [ : (ignored) ]
! </code></blockquote>
!
! The password section contains the Unix crypt() password as before. This is
! followed by a colon and the comma separated list of groups. Other data may
! optionally be left in the DB file after another colon; it is ignored by the
! authentication module. <p>
See also <A HREF="core.html#authname">AuthName</A>,
<A HREF="core.html#authtype">AuthType</A> and
***************
*** 60,73 ****
The AuthDBUserFile directive sets the name of a DB file containing the list
of users and passwords for user authentication. <em>Filename</em> is the
absolute path to the user file.<p>
! The user file is keyed on the username. The value for a user is the crypt()
! encrypted password, optionally followed by a colon and arbitrary data.
! The colon and the data following it will be ignored by the server.<p>
Security: make sure that the AuthDBUserFile is stored outside the
document tree of the webserver; do <em>not</em> put it in the directory that
it protects. Otherwise, clients will be able to download the
AuthDBUserFile.<p>
See also <A HREF="core.html#authname">AuthName</A>,
<A HREF="core.html#authtype">AuthType</A> and
--- 83,106 ----
The AuthDBUserFile directive sets the name of a DB file containing the list
of users and passwords for user authentication. <em>Filename</em> is the
absolute path to the user file.<p>
!
! The user file is keyed on the username. The value for a user is the
! crypt() encrypted password, optionally followed by a colon and
! arbitrary data. The colon and the data following it will be ignored
! by the server.<p>
Security: make sure that the AuthDBUserFile is stored outside the
document tree of the webserver; do <em>not</em> put it in the directory that
it protects. Otherwise, clients will be able to download the
AuthDBUserFile.<p>
+
+ Important compatibility note: The implementation of "dbmopen" in the
+ apache modules reads the string length of the hashed values from the
+ DB data structures, rather than relying upon the string being
+ NULL-appended. Some applications, such as the Netscape web server,
+ rely upon the string being NULL-appended, so if you are having trouble
+ using DB files interchangeably between applications this may be a
+ part of the problem. <p>
See also <A HREF="core.html#authname">AuthName</A>,
<A HREF="core.html#authtype">AuthType</A> and