- Overview
- Installation & Uninstallation
- Local and remote management using IIS 7
- Context and processing order
- Apache compatibility
- Modules
- core functions
- mod_antibot
- mod_asis
- mod_auth_basic
- mod_auth_digest
- mod_authn_anon
- mod_authn_dbd
- mod_authn_default
- mod_authn_file
- mod_authz_default
- mod_authz_groupfile
- mod_authz_host
- mod_authz_user
- mod_cache
- mod_dbd
- mod_deflate
- mod_developer
- mod_dir
- mod_disk_cache
- mod_env
- mod_evasive
- mod_expires
- mod_filter
- mod_gzip
- mod_headers
- mod_hotlink
- mod_linkfreeze
- mod_log_config
- mod_logio
- mod_mem_cache
- mod_mime
- mod_proxy
- mod_replace
- mod_rewrite
- mod_seo
- mod_setenvif
- mod_so
- mod_speling
- mod_usertrack
- mod_xsendfile
- Articles
- Release history
- Troubleshooting
- License agreement
mod_auth_basic
Overview
mod_auth_basic module enables support of HTTP Basic Authentication to restrict access by looking up users in the given providers. This module should usually be used together with at least one authentication module such as mod_authn_file and one authorization module such as mod_authz_user .
Quick start
Sample mod_basic configuration in .htaccess
# Authentication type
AuthType Basic
# Name of area authentication will be used for (aka realm)
AuthName "secret area"
# Authentication provider. Here - mod_authn_file
AuthBasicProvider file
# Info for mod_authn_file - path to password file
AuthUserFile c:\inetpub\.htpasswds
# Access will be granted to all authenticated users
Require valid-userRelated articles and topics
- HTTP Authentication and Authorization
- Enabling site authentication not using Windows users
- mod_auth_digest
- mod_authn_dbd
- mod_authn_file
- mod_authz_groupfile
- mod_authz_host
- mod_authz_user
Enviroment variables
| Name | Context | Description |
|---|---|---|
| on_auth_create_user | S V D .h | creates ASP.NET context user |
By default mod_auth_basic does not create ASP.NET context user. If you want it to be created, put the following line into the corresponding config:
SetEnv on_auth_create_userDirectives
| Name | Context | Description |
|---|---|---|
| AuthBasicAuthoritative | S V D .h | defines whether authorization and authentication are passed to lower level modules |
| AuthBasicProvider | S V D .h | sets the authentication provider(s) for this location |
AuthBasicAuthoritative
AuthBasicAuthoritative
directive defines whether authorization and authentication are passed to lower level modules.
Normally, each authorization module listed in
AuthBasicProvider
will attempt to verify the user, and if the user is not found in any provider,
access will be denied with "401 Authorization Required" response.
Setting
AuthBasicAuthoritative
directive to
Off
allows to pass both authentication and authorization to other non-provider-based
modules (e.g. to modules that cannot be defined in
AuthBasicProvider
directive).
Syntax
AuthBasicAuthoritative On|OffAuthBasicProvider
AuthBasicProvider directive sets which provider is used for user authentication. The default provider is mod_authn_file module.
Syntax
AuthBasicProvider provider-name ...Default
AuthBasicProvider fileExample
<Location /secure>
AuthType basic
AuthName "private area"
AuthBasicProvider file
AuthUserFile c:\inetpub\users\conf\.htpasswds
Require valid-user
</Location>