<title>Configuration Example</title>
<p>This simple example shows use of this module in the context of
the Authentication and DBD frameworks.</p>
-<highlight language="config"><pre>
+<highlight language="config">
# mod_dbd configuration
# UPDATED to include authentication cacheing
DBDriver pgsql
Require valid-user
# mod_authn_dbd SQL query to authenticate a user
- AuthDBDUserPWQuery \
- "SELECT password FROM authn WHERE user = %s"
+ AuthDBDUserPWQuery "SELECT password FROM authn WHERE user = %s"
</Directory>
-</pre></highlight>
+</highlight>
</section>
<section id="exposed">
will be passed as a single string parameter when the SQL query is
executed. It may be referenced within the query statement using
a <code>%s</code> format specifier.</p>
- <highlight language="config"><pre>
-AuthDBDUserPWQuery \
- "SELECT password FROM authn WHERE user = %s"
-</pre></highlight>
+ <highlight language="config">
+AuthDBDUserPWQuery "SELECT password FROM authn WHERE user = %s"
+</highlight>
<p>The first column value of the first row returned by the query
statement should be a string containing the encrypted password.
Subsequent rows will be ignored. If no rows are returned, the user
The user's ID and the realm, in that order, will be passed as string
parameters when the SQL query is executed. They may be referenced
within the query statement using <code>%s</code> format specifiers.</p>
- <highlight language="config"><pre>
-AuthDBDUserRealmQuery \
- "SELECT password FROM authn WHERE user = %s AND realm = %s"
-</pre></highlight>
+ <highlight language="config">
+AuthDBDUserRealmQuery "SELECT password FROM authn WHERE user = %s AND realm = %s"
+</highlight>
<p>The first column value of the first row returned by the query
statement should be a string containing the encrypted password.
Subsequent rows will be ignored. If no rows are returned, the user
</ol>
<p>A simple usage example to accelerate <module>mod_authn_dbd</module>
using dbm as a cache engine:</p>
- <highlight language="config"><pre>
+ <highlight language="config">
<Directory /usr/www/myhost/private>
AuthType Basic
AuthName "Cached Authentication Example"
AuthnCacheSOCache dbm
Require valid-user
</Directory>
- </pre></highlight>
+ </highlight>
</section>
<section id="dev"><title>Cacheing with custom modules</title>
or by a custom provider <var>myprovider</var>, but leave those looked
up by lightweight providers like file or dbm lookup alone:</p>
<highlight language="config">
- AuthnCacheProvideFor dbd myprovider
+AuthnCacheProvideFor dbd myprovider
</highlight>
</usage>
</directivesynopsis>
group. Note: Do not surround the group name with quotes.
For example, assume that the following entry existed in
the LDAP directory:</p>
-<highlight language="config">
+<example><pre>
dn: cn=Administrators, o=Example
objectClass: groupOfUniqueNames
uniqueMember: cn=Barbara Jenson, o=Example
uniqueMember: cn=Fred User, o=Example
-</highlight>
+</pre></example>
<p>The following directive would grant access to both Fred and
Barbara:</p>
if <directive module="mod_authnz_ldap">AuthLDAPMaxSubGroupDepth</directive>
is set to a value greater than 0. For example, assume the following entries
exist in the LDAP directory:</p>
-<highlight language="config">
+<example><pre>
dn: cn=Employees, o=Example
objectClass: groupOfUniqueNames
uniqueMember: cn=Managers, o=Example
objectClass: groupOfUniqueNames
uniqueMember: cn=Jim Swenson, o=Example
uniqueMember: cn=Elliot Rhodes, o=Example
-</highlight>
+</pre></example>
<p>The following directives would allow access for Bob Ellis, Tom Jackson,
Barbara Jensen, Fred User, Allan Jefferson, and Paul Tilley but would not
authentication to it is a matter of adding the following
directives to <em>every</em> <code>.htaccess</code> file
that gets created in the web</p>
-<highlight language="config"><pre>
+<highlight language="config">
AuthLDAPURL "the url"
AuthGroupFile <em>mygroupfile</em>
Require group <em>mygroupfile</em>
-</pre></highlight>
+</highlight>
<section id="howitworks"><title>How It Works</title>
<section id="example">
<title>Configuration example</title>
-<highlight language="config"><pre>
+<highlight language="config">
# mod_dbd configuration
DBDriver pgsql
DBDParams "dbname=apacheauth user=apache pass=xxxxxx"
<Files login.html>
# don't require user to already be logged in!
- AuthDBDUserPWQuery \
- "SELECT password FROM authn WHERE user = %s"
+ AuthDBDUserPWQuery "SELECT password FROM authn WHERE user = %s"
# dbd-login action executes a statement to log user in
Require dbd-login
- AuthzDBDQuery \
- "UPDATE authn SET login = 'true' WHERE user = %s"
+ AuthzDBDQuery "UPDATE authn SET login = 'true' WHERE user = %s"
# return user to referring page (if any) after
# successful login
<Files logout.html>
# dbd-logout action executes a statement to log user out
Require dbd-logout
- AuthzDBDQuery \
- "UPDATE authn SET login = 'false' WHERE user = %s"
+ AuthzDBDQuery "UPDATE authn SET login = 'false' WHERE user = %s"
</Files>
</Directory>
-</pre></highlight>
+</highlight>
</section>
<directivesynopsis>
may be returned.
<highlight language="config">
Require dbd-group
-AuthzDBDQuery \
- "SELECT group FROM groups WHERE user = %s"
+AuthzDBDQuery "SELECT group FROM groups WHERE user = %s"
</highlight>
</li>
<li>When used with a <code>Require dbd-login</code> or
but will instead execute a SQL statement designed to log the user
in or out. The user must already be authenticated with
<module>mod_authn_dbd</module>.
- <highlight language="config"><pre>
+ <highlight language="config">
Require dbd-login
-AuthzDBDQuery \
- "UPDATE authn SET login = 'true' WHERE user = %s"
-</pre></highlight>
+AuthzDBDQuery "UPDATE authn SET login = 'true' WHERE user = %s"
+</highlight>
</li>
</ul>
<p>In all cases, the user's ID will be passed as a single string
parameter when the SQL query is executed. It may be referenced within
the query statement using a <code>%s</code> format specifier.</p>
<highlight language="config">
-AuthzDBDRedirectQuery \
- "SELECT userpage FROM userpages WHERE user = %s"
+AuthzDBDRedirectQuery "SELECT userpage FROM userpages WHERE user = %s"
</highlight>
<p>The first column value of the first row returned by the query
statement should be a string containing a URL to which to redirect
projects / thirdparty / apache / httpd.git / commitdiff
