From: Rich Bowen <rbowen@apache.org>
Date: Thu, 4 Nov 2010 15:38:19 +0000 (+0000)
Subject: Mention Satisfy in the HowTo, as per PR46256
X-Git-Tag: 2.2.18~335
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b625b6f831f716b5f9538002a5c40621ee4bc584;p=thirdparty%2Fapache%2Fhttpd.git

Mention Satisfy in the HowTo, as per PR46256


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1031039 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/docs/manual/howto/auth.html.en b/docs/manual/howto/auth.html.en
index 452aaeab390..69e92b66ead 100644
--- a/docs/manual/howto/auth.html.en
+++ b/docs/manual/howto/auth.html.en
@@ -34,6 +34,7 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#introduction">Introduction</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#theprerequisites">The Prerequisites</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#gettingitworking">Getting it working</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#satisfy">Satisfy</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#lettingmorethanonepersonin">Letting more than one
 person in</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#possibleproblems">Possible problems</a></li>
@@ -255,6 +256,36 @@ module from each group.</p>
     setting the user that is allowed to access this region of the
     server. In the next section, we discuss various ways to use the
     <code class="directive"><a href="../mod/core.html#require">Require</a></code> directive.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="satisfy" id="satisfy">Satisfy</a></h2>
+
+<p>The <code class="directive"><a href="../mod/core.html#satisfy">Satisfy</a></code> directive can be used to specify
+that several criteria may be considered when trying to decide if a particular user
+will be granted admission. Satisfy can take as an argument one of two options - <code>all</code>
+or <code>any</code>. By default, it is assumed that the value is <code>all</code>. This means that if several
+criteria are specified, then all of them must be met in order for someone to get in.
+However, if set to <code>any</code>, then several criteria may be specified, but if 
+the user satisfies any of these, then they will be granted entrance.</p>
+
+<p>An example of this is using access control to assure that, although a resource 
+is password protected from outside your network, all hosts inside the network
+will be given unauthenticated access to the resource. This would be accomplished
+by using the Satisfy directive, as shown below.</p>
+
+<div class="example"><p><code>
+&lt;Directory /usr/local/apache/htdocs/sekrit&gt;
+  AuthType Basic
+  AuthName intranet
+  AuthUserFile /www/passwd/users
+  AuthGroupFile /www/passwd/groups
+  Require group customers
+  Order allow,deny
+  Allow from internal.com
+  Satisfy any
+&lt;/Directory&gt;
+</code></p></div>
+
 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="lettingmorethanonepersonin" id="lettingmorethanonepersonin">Letting more than one
@@ -370,6 +401,7 @@ person in</a></h2>
 
     <p>Other options are available. Consult the
     <code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code> documentation for more details.</p>
+
 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="moreinformation" id="moreinformation">More information</a></h2>
diff --git a/docs/manual/howto/auth.xml b/docs/manual/howto/auth.xml
index 98690f0e286..8814fb48018 100644
--- a/docs/manual/howto/auth.xml
+++ b/docs/manual/howto/auth.xml
@@ -254,6 +254,36 @@ module from each group.</p>
     <directive module="core">Require</directive> directive.</p>
 </section>
 
+<section id="satisfy"><title>Satisfy</title>
+
+<p>The <directive module="core">Satisfy</directive> directive can be used to specify
+that several criteria may be considered when trying to decide if a particular user
+will be granted admission. Satisfy can take as an argument one of two options - <code>all</code>
+or <code>any</code>. By default, it is assumed that the value is <code>all</code>. This means that if several
+criteria are specified, then all of them must be met in order for someone to get in.
+However, if set to <code>any</code>, then several criteria may be specified, but if 
+the user satisfies any of these, then they will be granted entrance.</p>
+
+<p>An example of this is using access control to assure that, although a resource 
+is password protected from outside your network, all hosts inside the network
+will be given unauthenticated access to the resource. This would be accomplished
+by using the Satisfy directive, as shown below.</p>
+
+<example>
+&lt;Directory /usr/local/apache/htdocs/sekrit&gt;
+  AuthType Basic
+  AuthName intranet
+  AuthUserFile /www/passwd/users
+  AuthGroupFile /www/passwd/groups
+  Require group customers
+  Order allow,deny
+  Allow from internal.com
+  Satisfy any
+&lt;/Directory&gt;
+</example>
+
+</section>
+
 <section id="lettingmorethanonepersonin"><title>Letting more than one
 person in</title>
     <p>The directives above only let one person (specifically
@@ -369,6 +399,7 @@ person in</title>
 
     <p>Other options are available. Consult the
     <module>mod_authn_dbm</module> documentation for more details.</p>
+
 </section>
 
 <section id="moreinformation"><title>More information</title>