From: Eric Covener Date: Mon, 5 Dec 2016 19:34:20 +0000 (+0000) Subject: xforms X-Git-Tag: 2.5.0-alpha~944 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=cb1fc9c5a5f16fefc9765633d67c724582973285;p=thirdparty%2Fapache%2Fhttpd.git xforms git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1772759 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/docs/manual/upgrading.html.en b/docs/manual/upgrading.html.en index 7b279c1ca1b..fb72e31d5ce 100644 --- a/docs/manual/upgrading.html.en +++ b/docs/manual/upgrading.html.en @@ -150,21 +150,21 @@

Here are some examples of old and new ways to do the same access control.

-

In this example, all requests are denied.

+

In this example, there is no authentication and all requests are denied.

2.2 configuration:

Order deny,allow
 Deny from all

2.4 configuration:

Require all denied
-

In this example, all requests are allowed.

+

In this example, there is no authentication and all requests are allowed.

2.2 configuration:

Order allow,deny
 Allow from all

2.4 configuration:

Require all granted
-

In the following example, all hosts in the example.org domain +

In the following example, there is no authentication and all hosts in the example.org domain are allowed access; all other hosts are denied access.

2.2 configuration:

Order Deny,Allow
@@ -222,6 +222,64 @@ access.log - GET /server-status 200 127.0.0.1

+

In many configurations with authentication, where the value of the + Satisfy was the default of ALL, snippets + that simply disabled host-based access control are omitted:

+ +

2.2 configuration:

Order Deny,Allow
+Deny from all
+AuthBasicProvider File
+AuthUserFile /example.com/conf/users.passwd
+AuthName secure
+Require valid-user
+
+

2.4 configuration:

# No replacement needed
+AuthBasicProvider File
+AuthUserFile /example.com/conf/users.passwd
+AuthName secure
+Require valid-user
+
+ +

In configurations where both authentication and access control were meaningfully combined, the + access control directives should be migrated. This example allows requests meeting both criteria:

+

2.2 configuration:

Order allow,deny
+Deny from all
+# Satisfy ALL is the default
+Satisfy ALL
+Allow from 127.0.0.1
+AuthBasicProvider File
+AuthUserFile /example.com/conf/users.passwd
+AuthName secure
+Require valid-user
+
+

2.4 configuration:

AuthBasicProvider File
+AuthUserFile /example.com/conf/users.passwd
+AuthName secure
+<RequireAll>
+  Require valid-user
+  require ip 127.0.0.1
+</RequireAll>
+
+ +

In configurations where both authentication and access control were meaningfully combined, the + access control directives should be migrated. This example allows requests meeting either criteria:

+

2.2 configuration:

Order allow,deny
+Deny from all
+Satisfy any
+Allow from 127.0.0.1
+AuthBasicProvider File
+AuthUserFile /example.com/conf/users.passwd
+AuthName secure
+Require valid-user
+
+

2.4 configuration:

AuthBasicProvider File
+AuthUserFile /example.com/conf/users.passwd
+AuthName secure
+# Implicitly <RequireAny>
+Require valid-user
+Require ip 127.0.0.1
+
+

Other configuration changes