diff options
| author | Stefan Fritsch <sf@apache.org> | 2010-09-30 19:37:55 +0200 |
|---|---|---|
| committer | Stefan Fritsch <sf@apache.org> | 2010-09-30 19:37:55 +0200 |
| commit | b2a906c8afea7ebec1d7e6c248e5c6bdc541d38b (patch) | |
| tree | eef3f02365a677f05494555939dd8c590b4abc3d /docs/manual/mod/mod_ssl.html.en | |
| parent | Rebuild generated files. (diff) | |
| download | apache2-b2a906c8afea7ebec1d7e6c248e5c6bdc541d38b.tar.xz apache2-b2a906c8afea7ebec1d7e6c248e5c6bdc541d38b.zip | |
add a bit of doc for the new authz providers
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1003180 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'docs/manual/mod/mod_ssl.html.en')
| -rw-r--r-- | docs/manual/mod/mod_ssl.html.en | 43 |
1 files changed, 37 insertions, 6 deletions
diff --git a/docs/manual/mod/mod_ssl.html.en b/docs/manual/mod/mod_ssl.html.en index d5702c3e6e..10b2be413b 100644 --- a/docs/manual/mod/mod_ssl.html.en +++ b/docs/manual/mod/mod_ssl.html.en @@ -92,6 +92,7 @@ to provide the cryptography engine.</p> <li><img alt="" src="../images/down.gif" /> <a href="#envvars">Environment Variables</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#logformats">Custom Log Formats</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#notes">Request Notes</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#authzproviders">Authorization providers for use with Require</a></li> </ul></div> <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="section"> @@ -237,6 +238,42 @@ string in <code class="module"><a href="../mod/mod_log_config.html">mod_log_conf for the current connection, the note is not set.</dd> </dl> +</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="authzproviders" id="authzproviders">Authorization providers for use with Require</a></h2> + + <p><code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> provides a few authentication providers for use + with <code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code>'s + <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> directive.</p> + + <h3><a name="reqssl" id="reqssl">Require ssl</a></h3> + + <p>The <code>ssl</code> provider denies access if a connection is not + encrypted with SSL. This is similar to the + <code class="directive">SSLRequireSSL</code> directive.</p> + + <div class="example"><p><code> + Require ssl + </code></p></div> + + + + <h3><a name="reqverifyclient" id="reqverifyclient">Require ssl-verify-client</a></h3> + + <p>The <code>ssl</code> provider allows access if the user is + authenticated with a valid client certificate. This is only + useful if <code>SSLVerifyClient optional</code> is in effect.</p> + + <p>The following example grants access if the user is authenticated + either with a client certificate or by username and password.</p> + + <div class="example"><p><code> + Require ssl-verify-client<br /> + Require valid-user + </code></p></div> + + + </div> <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="directive-section"><h2><a name="SSLCACertificateFile" id="SSLCACertificateFile">SSLCACertificateFile</a> <a name="sslcacertificatefile" id="sslcacertificatefile">Directive</a></h2> @@ -1535,12 +1572,6 @@ This directive specifies a general access requirement which has to be fulfilled in order to allow access. It is a very powerful directive because the requirement specification is an arbitrarily complex boolean expression containing any number of access checks.</p> -<div class="warning"> -<p>The implementation of <code>SSLRequire</code> is not thread safe. - Using <code>SSLRequire</code> inside <code>.htaccess</code> files - on a threaded <a href="../mpm.html">MPM</a> may cause random crashes. -</p> -</div> <p> The <em>expression</em> must match the following syntax (given as a BNF grammar notation):</p> |