<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head>

<meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type" />

        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

              This file is generated from xml source: DO NOT EDIT

        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

      -->

<title>mod_authn_core - Apache HTTP Server Version 2.4</title>

<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />

<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />

<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="../style/css/prettify.css" />

<script src="../style/scripts/prettify.min.js" type="text/javascript">

</script>

<link href="../images/favicon.ico" rel="shortcut icon" /></head>

<body>

Modules | Directives | FAQ | Glossary | Sitemap

Apache HTTP Server Version 2.4

Apache > HTTP Server > Documentation > Version 2.4 > Modules

Apache Module mod_authn_core

Available Languages:  en  |

 fr 

Description:
Core Authentication

Status:Base

Module Identifier:authn_core_module

Source File:mod_authn_core.c

Compatibility:Available in Apache 2.3 and later

Summary

    
This module provides core authentication capabilities to

    allow or deny access to portions of the web site.

    mod_authn_core provides directives that are

    common to all authentication providers.

Topics

 Creating Authentication Provider Aliases

Directives

 AuthName

 <AuthnProviderAlias>

 AuthType

Bugfix checklist
httpd changelog
Known issues
Report a bug
See also

Comments

Creating Authentication Provider Aliases

    
Extended authentication providers can be created

    within the configuration file and assigned an alias name.  The alias

    providers can then be referenced through the directives

    AuthBasicProvider or

    AuthDigestProvider in

    the same way as a base authentication provider.  Besides the ability

    to create and alias an extended provider, it also allows the same

    extended authentication provider to be reference by multiple

    locations.

    
Examples

        
This example checks for passwords in two different text

        files.

        
Checking multiple text password files
# Check here first

<AuthnProviderAlias file file1>

    AuthUserFile "/www/conf/passwords1"

</AuthnProviderAlias>

# Then check here

<AuthnProviderAlias file file2>   

    AuthUserFile "/www/conf/passwords2"

</AuthnProviderAlias>

<Directory "/var/web/pages/secure">

    AuthBasicProvider file1 file2

    AuthType Basic

    AuthName "Protected Area"

    Require valid-user

</Directory>

        
The example below creates two different ldap authentication

        provider aliases based on the ldap provider.  This allows

        a single authenticated location to be serviced by multiple ldap

        hosts:

        
Checking multiple LDAP servers
<AuthnProviderAlias ldap ldap-alias1>

    AuthLDAPBindDN cn=youruser,o=ctx

    AuthLDAPBindPassword yourpassword

    AuthLDAPURL ldap://ldap.host/o=ctx

</AuthnProviderAlias>

<AuthnProviderAlias ldap ldap-other-alias>

    AuthLDAPBindDN cn=yourotheruser,o=dev

    AuthLDAPBindPassword yourotherpassword

    AuthLDAPURL ldap://other.ldap.host/o=dev?cn

</AuthnProviderAlias>

Alias "/secure" "/webpages/secure"

<Directory "/webpages/secure">

    AuthBasicProvider ldap-other-alias  ldap-alias1

    AuthType Basic

    AuthName "LDAP Protected Place"

    Require valid-user

    # Note that Require ldap-* would not work here, since the 

    # AuthnProviderAlias does not provide the config to authorization providers

    # that are implemented in the same module as the authentication provider.

</Directory>

AuthName Directive

Description:Authorization realm for use in HTTP

authentication

Syntax:AuthName auth-domain

Context:directory, .htaccess

Override:AuthConfig

Status:Base

Module:mod_authn_core

    
This directive sets the name of the authorization realm for a

    directory. This realm is given to the client so that the user

    knows which username and password to send.

    AuthName takes a single argument; if the

    realm name contains spaces, it must be enclosed in quotation

    marks.  It must be accompanied by AuthType and Require directives, and directives such

    as AuthUserFile and

    AuthGroupFile to

    work.

   
For example:

   
AuthName "Top Secret"

    
The string provided for the AuthName is what will

    appear in the password dialog provided by most browsers.

See also

Authentication, Authorization, and

    Access Control

mod_authz_core

<AuthnProviderAlias> Directive

Description:Enclose a group of directives that represent an

extension of a base authentication provider and referenced by

the specified alias

Syntax:<AuthnProviderAlias baseProvider Alias>

... </AuthnProviderAlias>

Context:server config

Status:Base

Module:mod_authn_core

    
<AuthnProviderAlias> and

    </AuthnProviderAlias> are used to enclose a group of

    authentication directives that can be referenced by the alias name

    using one of the directives 

    AuthBasicProvider or 

    AuthDigestProvider.

    
This directive has no affect on authorization, even for modules that

    provide both authentication and authorization.

AuthType Directive

Description:Type of user authentication

Syntax:AuthType None|Basic|Digest|Form

Context:directory, .htaccess

Override:AuthConfig

Status:Base

Module:mod_authn_core

    
This directive selects the type of user authentication for a

    directory. The authentication types available are None,

    Basic (implemented by

    mod_auth_basic), Digest

    (implemented by mod_auth_digest), and

    Form (implemented by mod_auth_form).

    
To implement authentication, you must also use the AuthName and Require directives.  In addition, the

    server must have an authentication-provider module such as

    mod_authn_file and an authorization module such

    as mod_authz_user.

    
The authentication type None disables authentication.

    When authentication is enabled, it is normally inherited by each

    subsequent configuration section,

    unless a different authentication type is specified.  If no

    authentication is desired for a subsection of an authenticated

    section, the authentication type None may be used;

    in the following example, clients may access the

    /www/docs/public directory without authenticating:

    
<Directory "/www/docs">

    AuthType Basic

    AuthName Documents

    AuthBasicProvider file

    AuthUserFile "/usr/local/apache/passwd/passwords"

    Require valid-user

</Directory>

<Directory "/www/docs/public">

    AuthType None

    Require all granted

</Directory>

    
When disabling authentication, note that clients which have

    already authenticated against another portion of the server's document

    tree will typically continue to send authentication HTTP headers

    or cookies with each request, regardless of whether the server

    actually requires authentication for every resource.

See also

Authentication, Authorization,

    and Access Control

Available Languages:  en  |

 fr 

Comments
Notice:
This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.

<script type="text/javascript">

var comments_shortname = 'httpd';

var comments_identifier = 'http://httpd.apache.org/docs/2.4/mod/mod_authn_core.html';

(function(w, d) {

    if (w.location.hostname.toLowerCase() == "httpd.apache.org") {

        d.write('
<\/div>');

        var s = d.createElement('script');

        s.type = 'text/javascript';

        s.async = true;

        s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;

        (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);

    }

    else { 

        d.write('
Comments are disabled for this page at the moment.<\/div>');

    }

})(window, document);

//--></script>

Copyright 2018 The Apache Software Foundation.
Licensed under the Apache License, Version 2.0.

Modules | Directives | FAQ | Glossary | Sitemap
<script type="text/javascript">

if (typeof(prettyPrint) !== 'undefined') {

    prettyPrint();

}

//--></script>

</body></html>