mod_authn_alias - Apache HTTP Server Version 2.2

Apache Server 2.2

<-

Apache Module mod_authn_alias

Description:Provides the ability to create extended authentication providers based on actual providers
Status:Extension
Module Identifier:authn_alias_module
Source File:mod_authn_alias.c
Compatibility:Available in Apache 2.1 and later

Summary

This module allows extended authentication providers to be created within the configuration file and assigned an alias name. The alias providers can then be referenced through the directives AuthBasicProvider or AuthDigestProvider in the same way as a base authentication provider. Besides the ability to create and alias an extended provider, it also allows the same extended authentication provider to be reference by multiple locations.

top

Examples

This example checks for passwords in two different text files.

Checking multiple text password files

# Check here first
<AuthnProviderAlias file file1>
AuthUserFile /www/conf/passwords1
</AuthnProviderAlias>

# Then check here
<AuthnProviderAlias file file2>
AuthUserFile /www/conf/passwords2
</AuthnProviderAlias>

<Directory /var/web/pages/secure>
AuthBasicProvider file1 file2

AuthType Basic
AuthName "Protected Area"
Require valid-user
</Directory>

The example below creates two different ldap authentication provider aliases based on the ldap provider. This allows a single authenticated location to be serviced by multiple ldap hosts:

Checking multiple LDAP servers

LoadModule authn_alias_module modules/mod_authn_alias.so

<AuthnProviderAlias ldap ldap-alias1>
AuthLDAPBindDN cn=youruser,o=ctx
AuthLDAPBindPassword yourpassword
AuthLDAPURL ldap://ldap.host/o=ctx
</AuthnProviderAlias>

<AuthnProviderAlias ldap ldap-other-alias>
AuthLDAPBindDN cn=yourotheruser,o=dev
AuthLDAPBindPassword yourotherpassword
AuthLDAPURL ldap://other.ldap.host/o=dev?cn
</AuthnProviderAlias>

Alias /secure /webpages/secure
<Directory /webpages/secure>
Order deny,allow
Allow from all

AuthBasicProvider ldap-other-alias ldap-alias1

AuthType Basic
AuthName LDAP_Protected_Place
AuthzLDAPAuthoritative off
Require valid-user
</Directory>

top

<AuthnProviderAlias> Directive

Description:Enclose a group of directives that represent an extension of a base authentication provider and referenced by the specified alias
Syntax:<AuthnProviderAlias baseProvider Alias> ... </AuthnProviderAlias>
Context:server config
Status:Extension
Module:mod_authn_alias

<AuthnProviderAlias> and </AuthnProviderAlias> are used to enclose a group of authentication directives that can be referenced by the alias name using one of the directives AuthBasicProvider or AuthDigestProvider.

This directive has no affect on authorization, even for modules that provide both authentication and authorization.