You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ch...@apache.org on 2008/03/21 08:49:57 UTC
svn commit: r639562 [1/2] - /httpd/httpd/trunk/docs/manual/mod/
Author: chrisd
Date: Fri Mar 21 00:49:47 2008
New Revision: 639562
URL: http://svn.apache.org/viewvc?rev=639562&view=rev
Log:
PR 43211: Revise mod_authn_dbd and mod_authz_dbd documenation to reflect
current APR DBD query statement parameter requirements. Tidy up examples
and links to glossary and external sites. Update transformation.
Modified:
httpd/httpd/trunk/docs/manual/mod/directives.html.en
httpd/httpd/trunk/docs/manual/mod/mod_authn_dbd.html.en
httpd/httpd/trunk/docs/manual/mod/mod_authn_dbd.xml
httpd/httpd/trunk/docs/manual/mod/mod_authz_dbd.html.en
httpd/httpd/trunk/docs/manual/mod/mod_authz_dbd.xml
httpd/httpd/trunk/docs/manual/mod/mod_dbd.html.en
httpd/httpd/trunk/docs/manual/mod/mod_dbd.xml
httpd/httpd/trunk/docs/manual/mod/mpm_common.html.en
httpd/httpd/trunk/docs/manual/mod/mpm_common.xml.de
httpd/httpd/trunk/docs/manual/mod/mpm_common.xml.ja
httpd/httpd/trunk/docs/manual/mod/mpm_common.xml.meta
httpd/httpd/trunk/docs/manual/mod/quickreference.html.en
Modified: httpd/httpd/trunk/docs/manual/mod/directives.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/directives.html.en?rev=639562&r1=639561&r2=639562&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/directives.html.en (original)
+++ httpd/httpd/trunk/docs/manual/mod/directives.html.en Fri Mar 21 00:49:47 2008
@@ -145,6 +145,7 @@
<li><a href="mod_speling.html#checkcaseonly">CheckCaseOnly</a></li>
<li><a href="mod_speling.html#checkspelling">CheckSpelling</a></li>
<li><a href="perchild.html#childperuserid">ChildPerUserID</a></li>
+<li><a href="mpm_common.html#chrootdir">ChrootDir</a></li>
<li><a href="core.html#contentdigest">ContentDigest</a></li>
<li><a href="mod_usertrack.html#cookiedomain">CookieDomain</a></li>
<li><a href="mod_usertrack.html#cookieexpires">CookieExpires</a></li>
Modified: httpd/httpd/trunk/docs/manual/mod/mod_authn_dbd.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_authn_dbd.html.en?rev=639562&r1=639561&r2=639562&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_authn_dbd.html.en (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_authn_dbd.html.en Fri Mar 21 00:49:47 2008
@@ -74,35 +74,29 @@
<p>This simple example shows use of this module in the context of
the Authentication and DBD frameworks.</p>
<div class="example"><pre>
-#Database Management
-
-#Use the PostgreSQL driver
-<code>DBDriver pgsql</code>
-
-#Connection string: database name and login credentials
-<code>DBDParams "dbname=htpasswd user=apache password=xxxxxx"</code>
-
-#Parameters for Connection Pool Management
-<code>DBDMin 1
-DBDKeep 2
-DBDMax 10
-DBDExptime 60</code>
-
-#Authentication Section
-<code><Directory /usr/www/myhost/private></code>
-
- #mod_auth configuration for authn_dbd
- <code>AuthType Basic
- AuthName "My Server"
- AuthBasicProvider dbd</code>
-
- #authz configuration
- <code>Require valid-user</code>
-
- #SQL query to verify a user
- #(note: DBD drivers recognise both stdio-like %s and native syntax)
- <code>AuthDBDUserPWQuery "select password from authn where username = %s"
-</Directory></code>
+# mod_dbd configuration
+DBDriver pgsql
+DBDParams "dbname=apacheauth user=apache password=xxxxxx"
+
+DBDMin 4
+DBDKeep 8
+DBDMax 20
+DBDExptime 300
+
+<Directory /usr/www/myhost/private>
+ # mod_authn_core and mod_auth_basic configuration
+ # for mod_authn_dbd
+ AuthType Basic
+ AuthName "My Server"
+ AuthBasicProvider dbd
+
+ # mod_authz_core configuration
+ Require valid-user
+
+ # mod_authn_dbd SQL query to authenticate a user
+ AuthDBDUserPWQuery \
+ "SELECT password FROM authn WHERE user = %s"
+</Directory>
</pre></div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
@@ -131,16 +125,22 @@
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authn_dbd</td></tr>
</table>
<p>The <code class="directive">AuthDBDUserPWQuery</code> specifies an
- SQL query to look up a password for a specified user.
- The query must take a single string (typically SQL varchar)
- argument (username), and return a single value (encrypted password).
- </p>
- <div class="example"><p><code>
- AuthDBDUserPWQuery "SELECT password FROM authn WHERE username = %s"
- </code></p></div>
- <p>If httpd was built against apr v1.3.0 or higher, any additional
- columns specified in the select statement will be inserted into
- the environment with the name <code>AUTHENTICATE_<COLUMN></code>.
+ SQL query to look up a password for a specified user. The user's ID
+ will be passed as a single string parameter when the SQL query is
+ executed. It may be referenced within the query statement using
+ a <code>%s</code> format specifier.</p>
+ <div class="example"><h3>Example</h3><pre>
+AuthDBDUserPWQuery \
+ "SELECT password FROM authn WHERE user = %s"
+</pre></div>
+ <p>The first column value of the first row returned by the query
+ statement should be a string containing the encrypted password.
+ Subsequent rows will be ignored. If no rows are returned, the user
+ will not be authenticated through <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>.</p>
+ <p>If httpd was built against <a class="glossarylink" href="../glossary.html#apr" title="see glossary">APR</a> version 1.3.0
+ or higher, any additional column values in the first row returned by
+ the query statement will be stored as environment variables with
+ names of the form <code>AUTHENTICATE_<var>COLUMN</var></code>.
</p>
</div>
@@ -156,18 +156,22 @@
</table>
<p>The <code class="directive">AuthDBDUserRealmQuery</code> specifies an
SQL query to look up a password for a specified user and realm.
- The query must take two string (typically SQL varchar) arguments
- (username and realm), and return a single value (encrypted password).
- </p>
- <div class="example"><p><code>
- AuthDBDUserRealmQuery "SELECT password FROM authn
- WHERE username = %s AND realm = %s"
- </code></p></div>
- <p>If httpd was built against apr v1.3.0 or higher, any additional
- columns specified in the select statement will be inserted into
- the environment with the name <code>AUTHENTICATE_<COLUMN></code>.
+ The user's ID and the realm, in that order, will be passed as string
+ parameters when the SQL query is executed. They may be referenced
+ within the query statement using <code>%s</code> format specifiers.</p>
+ <div class="example"><h3>Example</h3><pre>
+AuthDBDUserRealmQuery \
+ "SELECT password FROM authn WHERE user = %s AND realm = %s"
+</pre></div>
+ <p>The first column value of the first row returned by the query
+ statement should be a string containing the encrypted password.
+ Subsequent rows will be ignored. If no rows are returned, the user
+ will not be authenticated through <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>.</p>
+ <p>If httpd was built against <a class="glossarylink" href="../glossary.html#apr" title="see glossary">APR</a> version 1.3.0
+ or higher, any additional column values in the first row returned by
+ the query statement will be stored as environment variables with
+ names of the form <code>AUTHENTICATE_<var>COLUMN</var></code>.
</p>
-
</div>
</div>
Modified: httpd/httpd/trunk/docs/manual/mod/mod_authn_dbd.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_authn_dbd.xml?rev=639562&r1=639561&r2=639562&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_authn_dbd.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_authn_dbd.xml Fri Mar 21 00:49:47 2008
@@ -62,37 +62,30 @@
<p>This simple example shows use of this module in the context of
the Authentication and DBD frameworks.</p>
<example><pre>
-#Database Management
-
-#Use the PostgreSQL driver
-<code>DBDriver pgsql</code>
-
-#Connection string: database name and login credentials
-<code>DBDParams "dbname=htpasswd user=apache password=xxxxxx"</code>
-
-#Parameters for Connection Pool Management
-<code>DBDMin 1
-DBDKeep 2
-DBDMax 10
-DBDExptime 60</code>
-
-#Authentication Section
-<code><Directory /usr/www/myhost/private></code>
-
- #mod_auth configuration for authn_dbd
- <code>AuthType Basic
- AuthName "My Server"
- AuthBasicProvider dbd</code>
-
- #authz configuration
- <code>Require valid-user</code>
-
- #SQL query to verify a user
- #(note: DBD drivers recognise both stdio-like %s and native syntax)
- <code>AuthDBDUserPWQuery "select password from authn where username = %s"
-</Directory></code>
-</pre>
-</example>
+# mod_dbd configuration
+DBDriver pgsql
+DBDParams "dbname=apacheauth user=apache password=xxxxxx"
+
+DBDMin 4
+DBDKeep 8
+DBDMax 20
+DBDExptime 300
+
+<Directory /usr/www/myhost/private>
+ # mod_authn_core and mod_auth_basic configuration
+ # for mod_authn_dbd
+ AuthType Basic
+ AuthName "My Server"
+ AuthBasicProvider dbd
+
+ # mod_authz_core configuration
+ Require valid-user
+
+ # mod_authn_dbd SQL query to authenticate a user
+ AuthDBDUserPWQuery \
+ "SELECT password FROM authn WHERE user = %s"
+</Directory>
+</pre></example>
</section>
<section id="exposed">
@@ -120,16 +113,22 @@
<usage>
<p>The <directive>AuthDBDUserPWQuery</directive> specifies an
- SQL query to look up a password for a specified user.
- The query must take a single string (typically SQL varchar)
- argument (username), and return a single value (encrypted password).
- </p>
- <example>
- AuthDBDUserPWQuery "SELECT password FROM authn WHERE username = %s"
- </example>
- <p>If httpd was built against apr v1.3.0 or higher, any additional
- columns specified in the select statement will be inserted into
- the environment with the name <code>AUTHENTICATE_<COLUMN></code>.
+ SQL query to look up a password for a specified user. The user's ID
+ will be passed as a single string parameter when the SQL query is
+ executed. It may be referenced within the query statement using
+ a <code>%s</code> format specifier.</p>
+ <example><title>Example</title><pre>
+AuthDBDUserPWQuery \
+ "SELECT password FROM authn WHERE user = %s"
+</pre></example>
+ <p>The first column value of the first row returned by the query
+ statement should be a string containing the encrypted password.
+ Subsequent rows will be ignored. If no rows are returned, the user
+ will not be authenticated through <module>mod_authn_dbd</module>.</p>
+ <p>If httpd was built against <glossary>APR</glossary> version 1.3.0
+ or higher, any additional column values in the first row returned by
+ the query statement will be stored as environment variables with
+ names of the form <code>AUTHENTICATE_<var>COLUMN</var></code>.
</p>
</usage>
</directivesynopsis>
@@ -145,18 +144,22 @@
<usage>
<p>The <directive>AuthDBDUserRealmQuery</directive> specifies an
SQL query to look up a password for a specified user and realm.
- The query must take two string (typically SQL varchar) arguments
- (username and realm), and return a single value (encrypted password).
- </p>
- <example>
- AuthDBDUserRealmQuery "SELECT password FROM authn
- WHERE username = %s AND realm = %s"
- </example>
- <p>If httpd was built against apr v1.3.0 or higher, any additional
- columns specified in the select statement will be inserted into
- the environment with the name <code>AUTHENTICATE_<COLUMN></code>.
+ The user's ID and the realm, in that order, will be passed as string
+ parameters when the SQL query is executed. They may be referenced
+ within the query statement using <code>%s</code> format specifiers.</p>
+ <example><title>Example</title><pre>
+AuthDBDUserRealmQuery \
+ "SELECT password FROM authn WHERE user = %s AND realm = %s"
+</pre></example>
+ <p>The first column value of the first row returned by the query
+ statement should be a string containing the encrypted password.
+ Subsequent rows will be ignored. If no rows are returned, the user
+ will not be authenticated through <module>mod_authn_dbd</module>.</p>
+ <p>If httpd was built against <glossary>APR</glossary> version 1.3.0
+ or higher, any additional column values in the first row returned by
+ the query statement will be stored as environment variables with
+ names of the form <code>AUTHENTICATE_<var>COLUMN</var></code>.
</p>
-
</usage>
</directivesynopsis>
Modified: httpd/httpd/trunk/docs/manual/mod/mod_authz_dbd.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_authz_dbd.html.en?rev=639562&r1=639561&r2=639562&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_authz_dbd.html.en (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_authz_dbd.html.en Fri Mar 21 00:49:47 2008
@@ -83,9 +83,9 @@
<div class="section">
<h2><a name="example" id="example">Configuration Example</a></h2>
-<div class="example"><pre><code>
-# DBD Configuration
-DBDriver oracle
+<div class="example"><pre>
+# mod_dbd configuration
+DBDriver pgsql
DBDParams "dbname=apacheauth user=apache pass=xxxxxx"
DBDMin 4
@@ -94,38 +94,49 @@
DBDExptime 300
<Directory /usr/www/my.site/team-private/>
- # authn with mod_authn_dbd
- AuthType Basic
- AuthName Team
- AuthBasicProvider dbd
- AuthDBDUserPWQuery "SELECT pass FROM authn WHERE user = %s AND login = true"
-
- # Require dbd-group and authz_dbd implementation
- Require dbd-group team
- AuthzDBDQuery "SELECT group FROM authz WHERE user = %s"
-
- # When a user fails to authn/authz, invite them to login
- ErrorDocument 401 /team-private/login-form.html
-
- <Files login.html>
- # Don't require that we're already logged in!
- AuthDBDUserPWQuery "SELECT pass FROM authn WHERE user = %s"
-
- # dbd-login action executes a query to set our own state
- Require dbd-login
- AuthzDBDQuery "UPDATE authn SET login = true WHERE user = %s"
-
- # Return user to referring page (if any) on successful login
- AuthzDBDLoginToReferer On
- </Files>
-
- <Files logout.html>
- # dbd-logout action executes a query to set our own state
- Require dbd-logout
- AuthzDBDQuery "UPDATE authn SET login = false WHERE user = %s"
- </Files>
+ # mod_authn_core and mod_auth_basic configuration
+ # for mod_authn_dbd
+ AuthType Basic
+ AuthName Team
+ AuthBasicProvider dbd
+
+ # mod_authn_dbd SQL query to authenticate a logged-in user
+ AuthDBDUserPWQuery \
+ "SELECT password FROM authn WHERE user = %s AND login = true"
+
+ # mod_authz_core configuration for mod_authz_dbd
+ Require dbd-group team
+
+ # mod_authz_dbd configuration
+ AuthzDBDQuery "SELECT group FROM authz WHERE user = %s"
+
+ # when a user fails to be authenticated or authorized,
+ # invite them to login
+ ErrorDocument 401 /team-private/login-form.html
+
+ <Files login.html>
+ # don't require user to already be logged in!
+ AuthDBDUserPWQuery \
+ "SELECT password FROM authn WHERE user = %s"
+
+ # dbd-login action executes a statement to log user in
+ Require dbd-login
+ AuthzDBDQuery \
+ "UPDATE authn SET login = true WHERE user = %s"
+
+ # return user to referring page (if any) after
+ # successful login
+ AuthzDBDLoginToReferer On
+ </Files>
+
+ <Files logout.html>
+ # dbd-logout action executes a statement to log user out
+ Require dbd-logout
+ AuthzDBDQuery \
+ "UPDATE authn SET login = false WHERE user = %s"
+ </Files>
</Directory>
-</code></pre></div>
+</pre></div>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="AuthzDBDLoginToReferer" id="AuthzDBDLoginToReferer">AuthzDBDLoginToReferer</a> <a name="authzdbdlogintoreferer" id="authzdbdlogintoreferer">Directive</a></h2>
@@ -151,7 +162,7 @@
<div class="directive-section"><h2><a name="AuthzDBDQuery" id="AuthzDBDQuery">AuthzDBDQuery</a> <a name="authzdbdquery" id="authzdbdquery">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specify the SQL Query for the required operation</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthzDBDQuery SQL-Query</code></td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthzDBDQuery <var>query</var></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_dbd</td></tr>
@@ -161,37 +172,58 @@
<code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> directive in
effect.</p>
<ul>
- <li>With <code>Require dbd-group</code>, it specifies a query
- to look up groups for the current user. This is the standard
- functionality of other authz modules such as
+ <li>When used with a <code>Require dbd-group</code> directive,
+ it specifies a query to look up groups for the current user. This is
+ the standard functionality of other authorization modules such as
<code class="module"><a href="../mod/mod_authz_file.html">mod_authz_file</a></code> and <code class="module"><a href="../mod/mod_authz_dbm.html">mod_authz_dbm</a></code>.
- In this case it will typically take the form<br />
- <code>AuthzDBDQuery "SELECT group FROM groups WHERE user= %s"</code>
+ The first column value of each row returned by the query statement
+ should be a string containing a group name. Zero, one, or more rows
+ may be returned.
+ <div class="example"><h3>Example</h3><pre>
+Require dbd-group
+AuthzDBDQuery \
+ "SELECT group FROM groups WHERE user = %s"
+</pre></div>
</li>
- <li>With <code>Require dbd-login</code> or <code>Require dbd-logout</code>,
- it will never deny access, but will instead execute an SQL Query
- designed to log the user (who must already be authenticated with
- <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>) in or out. Such a query will
- typically take the form<br />
- <code>AuthzDBDQuery "UPDATE authn SET login = true WHERE user = %s"</code>
+ <li>When used with a <code>Require dbd-login</code> or
+ <code>Require dbd-logout</code> directive, it will never deny access,
+ but will instead execute a SQL statement designed to log the user
+ in or out. The user must already be authenticated with
+ <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>.
+ <div class="example"><h3>Example</h3><pre>
+Require dbd-login
+AuthzDBDQuery \
+ "UPDATE authn SET login = true WHERE user = %s"
+</pre></div>
</li>
</ul>
+ <p>In all cases, the user's ID will be passed as a single string
+ parameter when the SQL query is executed. It may be referenced within
+ the query statement using a <code>%s</code> format specifier.</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="AuthzDBDRedirectQuery" id="AuthzDBDRedirectQuery">AuthzDBDRedirectQuery</a> <a name="authzdbdredirectquery" id="authzdbdredirectquery">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specify a query to look up a login page for the user</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthzDBDRedirectQuery SQL-Query</code></td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthzDBDRedirectQuery <var>query</var></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_dbd</td></tr>
</table>
- <p>Specifies an optional query to use after successful login
- (or logout) to redirect the user to a page, which may be
- specific to the user. Such a query will take the form<br />
- <code>AuthzDBDRedirectQuery "SELECT userpage FROM userpages WHERE user = %s"</code>
- </p>
+ <p>Specifies an optional SQL query to use after successful login
+ (or logout) to redirect the user to a URL, which may be
+ specific to the user. The user's ID will be passed as a single string
+ parameter when the SQL query is executed. It may be referenced within
+ the query statement using a <code>%s</code> format specifier.</p>
+ <div class="example"><h3>Example</h3><pre>
+AuthzDBDRedirectQuery \
+ "SELECT userpage FROM userpages WHERE user = %s"
+</pre></div>
+ <p>The first column value of the first row returned by the query
+ statement should be a string containing a URL to which to redirect
+ the client. Subsequent rows will be ignored. If no rows are returned,
+ the client will not be redirected.</p>
<p>Note that <code class="directive">AuthzDBDLoginToReferer</code> takes
precedence if both are set.</p>
Modified: httpd/httpd/trunk/docs/manual/mod/mod_authz_dbd.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_authz_dbd.xml?rev=639562&r1=639561&r2=639562&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_authz_dbd.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_authz_dbd.xml Fri Mar 21 00:49:47 2008
@@ -69,9 +69,9 @@
<section id="example">
<title>Configuration Example</title>
-<example><pre><code>
-# DBD Configuration
-DBDriver oracle
+<example><pre>
+# mod_dbd configuration
+DBDriver pgsql
DBDParams "dbname=apacheauth user=apache pass=xxxxxx"
DBDMin 4
@@ -80,45 +80,55 @@
DBDExptime 300
<Directory /usr/www/my.site/team-private/>
- # authn with mod_authn_dbd
- AuthType Basic
- AuthName Team
- AuthBasicProvider dbd
- AuthDBDUserPWQuery "SELECT pass FROM authn WHERE user = %s AND login = true"
-
- # Require dbd-group and authz_dbd implementation
- Require dbd-group team
- AuthzDBDQuery "SELECT group FROM authz WHERE user = %s"
-
- # When a user fails to authn/authz, invite them to login
- ErrorDocument 401 /team-private/login-form.html
-
- <Files login.html>
- # Don't require that we're already logged in!
- AuthDBDUserPWQuery "SELECT pass FROM authn WHERE user = %s"
-
- # dbd-login action executes a query to set our own state
- Require dbd-login
- AuthzDBDQuery "UPDATE authn SET login = true WHERE user = %s"
-
- # Return user to referring page (if any) on successful login
- AuthzDBDLoginToReferer On
- </Files>
-
- <Files logout.html>
- # dbd-logout action executes a query to set our own state
- Require dbd-logout
- AuthzDBDQuery "UPDATE authn SET login = false WHERE user = %s"
- </Files>
+ # mod_authn_core and mod_auth_basic configuration
+ # for mod_authn_dbd
+ AuthType Basic
+ AuthName Team
+ AuthBasicProvider dbd
+
+ # mod_authn_dbd SQL query to authenticate a logged-in user
+ AuthDBDUserPWQuery \
+ "SELECT password FROM authn WHERE user = %s AND login = true"
+
+ # mod_authz_core configuration for mod_authz_dbd
+ Require dbd-group team
+
+ # mod_authz_dbd configuration
+ AuthzDBDQuery "SELECT group FROM authz WHERE user = %s"
+
+ # when a user fails to be authenticated or authorized,
+ # invite them to login
+ ErrorDocument 401 /team-private/login-form.html
+
+ <Files login.html>
+ # don't require user to already be logged in!
+ AuthDBDUserPWQuery \
+ "SELECT password FROM authn WHERE user = %s"
+
+ # dbd-login action executes a statement to log user in
+ Require dbd-login
+ AuthzDBDQuery \
+ "UPDATE authn SET login = true WHERE user = %s"
+
+ # return user to referring page (if any) after
+ # successful login
+ AuthzDBDLoginToReferer On
+ </Files>
+
+ <Files logout.html>
+ # dbd-logout action executes a statement to log user out
+ Require dbd-logout
+ AuthzDBDQuery \
+ "UPDATE authn SET login = false WHERE user = %s"
+ </Files>
</Directory>
-</code></pre>
-</example>
+</pre></example>
</section>
<directivesynopsis>
<name>AuthzDBDQuery</name>
<description>Specify the SQL Query for the required operation</description>
-<syntax>AuthzDBDQuery SQL-Query</syntax>
+<syntax>AuthzDBDQuery <var>query</var></syntax>
<contextlist><context>directory</context></contextlist>
<usage>
@@ -127,36 +137,57 @@
<directive module="mod_authz_core">Require</directive> directive in
effect.</p>
<ul>
- <li>With <code>Require dbd-group</code>, it specifies a query
- to look up groups for the current user. This is the standard
- functionality of other authz modules such as
+ <li>When used with a <code>Require dbd-group</code> directive,
+ it specifies a query to look up groups for the current user. This is
+ the standard functionality of other authorization modules such as
<module>mod_authz_file</module> and <module>mod_authz_dbm</module>.
- In this case it will typically take the form<br/>
- <code>AuthzDBDQuery "SELECT group FROM groups WHERE user= %s"</code>
+ The first column value of each row returned by the query statement
+ should be a string containing a group name. Zero, one, or more rows
+ may be returned.
+ <example><title>Example</title><pre>
+Require dbd-group
+AuthzDBDQuery \
+ "SELECT group FROM groups WHERE user = %s"
+</pre></example>
</li>
- <li>With <code>Require dbd-login</code> or <code>Require dbd-logout</code>,
- it will never deny access, but will instead execute an SQL Query
- designed to log the user (who must already be authenticated with
- <module>mod_authn_dbd</module>) in or out. Such a query will
- typically take the form<br/>
- <code>AuthzDBDQuery "UPDATE authn SET login = true WHERE user = %s"</code>
+ <li>When used with a <code>Require dbd-login</code> or
+ <code>Require dbd-logout</code> directive, it will never deny access,
+ but will instead execute a SQL statement designed to log the user
+ in or out. The user must already be authenticated with
+ <module>mod_authn_dbd</module>.
+ <example><title>Example</title><pre>
+Require dbd-login
+AuthzDBDQuery \
+ "UPDATE authn SET login = true WHERE user = %s"
+</pre></example>
</li>
</ul>
+ <p>In all cases, the user's ID will be passed as a single string
+ parameter when the SQL query is executed. It may be referenced within
+ the query statement using a <code>%s</code> format specifier.</p>
</usage>
</directivesynopsis>
<directivesynopsis>
<name>AuthzDBDRedirectQuery</name>
<description>Specify a query to look up a login page for the user</description>
-<syntax>AuthzDBDRedirectQuery SQL-Query</syntax>
+<syntax>AuthzDBDRedirectQuery <var>query</var></syntax>
<contextlist><context>directory</context></contextlist>
<usage>
- <p>Specifies an optional query to use after successful login
- (or logout) to redirect the user to a page, which may be
- specific to the user. Such a query will take the form<br/>
- <code>AuthzDBDRedirectQuery "SELECT userpage FROM userpages WHERE user = %s"</code>
- </p>
+ <p>Specifies an optional SQL query to use after successful login
+ (or logout) to redirect the user to a URL, which may be
+ specific to the user. The user's ID will be passed as a single string
+ parameter when the SQL query is executed. It may be referenced within
+ the query statement using a <code>%s</code> format specifier.</p>
+ <example><title>Example</title><pre>
+AuthzDBDRedirectQuery \
+ "SELECT userpage FROM userpages WHERE user = %s"
+</pre></example>
+ <p>The first column value of the first row returned by the query
+ statement should be a string containing a URL to which to redirect
+ the client. Subsequent rows will be ignored. If no rows are returned,
+ the client will not be redirected.</p>
<p>Note that <directive>AuthzDBDLoginToReferer</directive> takes
precedence if both are set.</p>
</usage>
Modified: httpd/httpd/trunk/docs/manual/mod/mod_dbd.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_dbd.html.en?rev=639562&r1=639561&r2=639562&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_dbd.html.en (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_dbd.html.en Fri Mar 21 00:49:47 2008
@@ -31,11 +31,14 @@
<h3>Summary</h3>
<p><code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code> manages SQL database connections using
- <a href="http://people.apache.org/~niq/dbd.html">apr_dbd</a>.
- It provides database connections on request to modules
- requiring SQL database functions, and takes care of
+ <a class="glossarylink" href="../glossary.html#apr" title="see glossary">APR</a>. It provides database connections on request
+ to modules requiring SQL database functions, and takes care of
managing databases with optimal efficiency and scalability
- for both threaded and non-threaded MPMs.</p>
+ for both threaded and non-threaded MPMs. For details, see the
+ <a href="http://apr.apache.org/">APR</a> website and this overview of the
+ <a href="http://people.apache.org/~niq/dbd.html">Apache DBD Framework</a>
+ by its original developer.
+</p>
</div>
<div id="quickview"><h3 class="directives">Directives</h3>
<ul id="toc">
@@ -66,8 +69,9 @@
classic LAMP (Linux, Apache, Mysql, Perl/PHP/Python).
On threaded platform, it provides an altogether more
scalable and efficient <em>connection pool</em>, as
- described in <a href="http://www.apachetutor.org/dev/reslist">this article at ApacheTutor</a>. <code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code> supersedes
- the modules presented in that article.</p>
+ described in <a href="http://www.apachetutor.org/dev/reslist">this
+ article at ApacheTutor</a>. Note that <code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code>
+ supersedes the modules presented in that article.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="API" id="API">Apache DBD API</a></h2>
Modified: httpd/httpd/trunk/docs/manual/mod/mod_dbd.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_dbd.xml?rev=639562&r1=639561&r2=639562&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_dbd.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_dbd.xml Fri Mar 21 00:49:47 2008
@@ -31,11 +31,14 @@
<summary>
<p><module>mod_dbd</module> manages SQL database connections using
- <a href="http://people.apache.org/~niq/dbd.html">apr_dbd</a>.
- It provides database connections on request to modules
- requiring SQL database functions, and takes care of
+ <glossary>APR</glossary>. It provides database connections on request
+ to modules requiring SQL database functions, and takes care of
managing databases with optimal efficiency and scalability
- for both threaded and non-threaded MPMs.</p>
+ for both threaded and non-threaded MPMs. For details, see the
+ <a href="http://apr.apache.org/">APR</a> website and this overview of the
+ <a href="http://people.apache.org/~niq/dbd.html">Apache DBD Framework</a>
+ by its original developer.
+</p>
</summary>
<seealso><a href="../misc/password_encryptions.html">Password Formats</a></seealso>
@@ -47,9 +50,9 @@
classic LAMP (Linux, Apache, Mysql, Perl/PHP/Python).
On threaded platform, it provides an altogether more
scalable and efficient <em>connection pool</em>, as
- described in <a href="http://www.apachetutor.org/dev/reslist"
- >this article at ApacheTutor</a>. <module>mod_dbd</module> supersedes
- the modules presented in that article.</p>
+ described in <a href="http://www.apachetutor.org/dev/reslist">this
+ article at ApacheTutor</a>. Note that <module>mod_dbd</module>
+ supersedes the modules presented in that article.</p>
</section>
<section id="API"><title>Apache DBD API</title>
Modified: httpd/httpd/trunk/docs/manual/mod/mpm_common.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mpm_common.html.en?rev=639562&r1=639561&r2=639562&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mpm_common.html.en (original)
+++ httpd/httpd/trunk/docs/manual/mod/mpm_common.html.en Fri Mar 21 00:49:47 2008
@@ -32,6 +32,7 @@
<div id="quickview"><h3 class="directives">Directives</h3>
<ul id="toc">
<li><img alt="" src="../images/down.gif" /> <a href="#acceptmutex">AcceptMutex</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#chrootdir">ChrootDir</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#coredumpdirectory">CoreDumpDirectory</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#enableexceptionhook">EnableExceptionHook</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#gracefulshutdowntimeout">GracefulShutdownTimeout</a></li>
@@ -140,6 +141,26 @@
<code>pthread_mutexattr_setrobust_np()</code> function,
you may be able to use the <code>pthread</code> option safely.</p>
</div>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ChrootDir" id="ChrootDir">ChrootDir</a> <a name="chrootdir" id="chrootdir">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Directory for apache to run chroot(8) after startup.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ChrootDir <var>/path/to/directory</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>MPM</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td><code class="module"><a href="../mod/event.html">event</a></code>, <code class="module"><a href="../mod/prefork.html">prefork</a></code>, <code class="module"><a href="../mod/worker.html">worker</a></code></td></tr>
+</table>
+ <p>This directive, available in httpd 2.2.9(?) and later, tells the
+ server to <var>chroot(8)</var> to the specified directory after
+ startup, but before accepting requests over the 'net.</p>
+ <p>Note that running the server under chroot is not simple,
+ and requires additional setup, particularly if you are running
+ scripts such as CGI or PHP. Please make sure you are properly
+ familiar with the operation of chroot before attempting to use
+ this feature.</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
Modified: httpd/httpd/trunk/docs/manual/mod/mpm_common.xml.de
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mpm_common.xml.de?rev=639562&r1=639561&r2=639562&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mpm_common.xml.de (original)
+++ httpd/httpd/trunk/docs/manual/mod/mpm_common.xml.de Fri Mar 21 00:49:47 2008
@@ -1,7 +1,7 @@
<?xml version="1.0"?>
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.de.xsl"?>
-<!-- English Revision: 151408:478131 (outdated) -->
+<!-- English Revision: 151408:639005 (outdated) -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
Modified: httpd/httpd/trunk/docs/manual/mod/mpm_common.xml.ja
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mpm_common.xml.ja?rev=639562&r1=639561&r2=639562&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mpm_common.xml.ja [iso-2022-jp] (original)
+++ httpd/httpd/trunk/docs/manual/mod/mpm_common.xml.ja [iso-2022-jp] Fri Mar 21 00:49:47 2008
@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="iso-2022-jp"?>
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.ja.xsl"?>
-<!-- English Revision: 478131 -->
+<!-- English Revision: 478131:639005 (outdated) -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
Modified: httpd/httpd/trunk/docs/manual/mod/mpm_common.xml.meta
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mpm_common.xml.meta?rev=639562&r1=639561&r2=639562&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mpm_common.xml.meta (original)
+++ httpd/httpd/trunk/docs/manual/mod/mpm_common.xml.meta Fri Mar 21 00:49:47 2008
@@ -8,6 +8,6 @@
<variants>
<variant outdated="yes">de</variant>
<variant>en</variant>
- <variant>ja</variant>
+ <variant outdated="yes">ja</variant>
</variants>
</metafile>