summaryrefslogtreecommitdiffstats
path: root/docs/manual/mod/mod_authz_user.xml
diff options
context:
space:
mode:
Diffstat (limited to 'docs/manual/mod/mod_authz_user.xml')
-rw-r--r--docs/manual/mod/mod_authz_user.xml48
1 files changed, 48 insertions, 0 deletions
diff --git a/docs/manual/mod/mod_authz_user.xml b/docs/manual/mod/mod_authz_user.xml
new file mode 100644
index 0000000000..0cbe770d6b
--- /dev/null
+++ b/docs/manual/mod/mod_authz_user.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0"?>
+<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
+<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
+<modulesynopsis>
+
+<name>mod_authz_user</name>
+<description>User Authorization</description>
+<status>Base</status>
+<sourcefile>mod_authz_user.c</sourcefile>
+<identifier>authz_user_module</identifier>
+<compatibility>Available in Apache 2.1 and later</compatibility>
+
+<summary>
+ <p>This module provides authorization capabilities so that
+ authenticated users can be allowed or denied access to portions
+ of the web site. <module>mod_authz_user</module> grants
+ access if the authenticated user is listed in a <code>Require user</code>
+ directive. Alternatively <code>require valid-user</code> can be used to
+ grant access to all successfully authenticated users.</p>
+</summary>
+<seealso><directive module="core">Require</directive></seealso>
+<seealso><directive module="core">Satisfy</directive></seealso>
+
+<directivesynopsis>
+<name>AuthzUserAuthoritative</name>
+<description>Sets whether authorization will be passed on to lower level
+modules</description>
+<syntax>AuthzUserAuthoritative On|Off</syntax>
+<default>AuthzUserAuthoritative On</default>
+<contextlist><context>directory</context><context>.htaccess</context>
+</contextlist>
+<override>AuthConfig</override>
+
+<usage>
+ <p>Setting the <directive>AuthzUserAuthoritative</directive>
+ directive explicitly to <code>Off</code> allows for
+ user authorization to be passed on to lower level modules (as defined
+ in the <code>modules.c</code> files) if there is <strong>no
+ user</strong> matching the supplied userID.</p>
+
+ <p>By default, control is not passed on and an unknown user
+ will result in an Authentication Required reply. Not
+ setting it to <code>Off</code> thus keeps the system secure and forces
+ an NCSA compliant behaviour.</p>
+</usage>
+</directivesynopsis>
+
+</modulesynopsis>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-20 08:42:44 +0100