[svnbook] r5068 committed - branches/1.6/en
cmpilato at users.sourceforge.net
cmpilato at users.sourceforge.net
Tue Jan 5 12:32:50 CST 2016
Revision: 5068
http://sourceforge.net/p/svnbook/source/5068
Author: cmpilato
Date: 2016-01-05 18:32:49 +0000 (Tue, 05 Jan 2016)
Log Message:
-----------
Merge from ^/trunk/en r4335.
Revision Links:
--------------
http://sourceforge.net/p/svnbook/source/4335
Modified Paths:
--------------
branches/1.6/en/book/ch06-server-configuration.xml
Property Changed:
----------------
branches/1.6/en/
Index: branches/1.6/en
===================================================================
--- branches/1.6/en 2015-12-17 23:04:51 UTC (rev 5067)
+++ branches/1.6/en 2016-01-05 18:32:49 UTC (rev 5068)
Property changes on: branches/1.6/en
___________________________________________________________________
Modified: svn:mergeinfo
## -1 +1 ##
-/trunk/en:3996,3999,4011,4024,4036-4037,4039,4043,4046,4049,4052,4054,4060,4062,4066,4070-4073,4076,4078-4079,4081-4089,4092,4095,4097,4099,4103,4105,4107,4117-4118,4121,4136-4137,4192-4193,4231,4261,4296,4299,4305,4352,4364,4742,4958,5043
+/trunk/en:3996,3999,4011,4024,4036-4037,4039,4043,4046,4049,4052,4054,4060,4062,4066,4070-4073,4076,4078-4079,4081-4089,4092,4095,4097,4099,4103,4105,4107,4117-4118,4121,4136-4137,4192-4193,4231,4261,4296,4299,4305,4335,4352,4364,4742,4958,5043
\ No newline at end of property
Modified: branches/1.6/en/book/ch06-server-configuration.xml
===================================================================
--- branches/1.6/en/book/ch06-server-configuration.xml 2015-12-17 23:04:51 UTC (rev 5067)
+++ branches/1.6/en/book/ch06-server-configuration.xml 2016-01-05 18:32:49 UTC (rev 5068)
@@ -1945,11 +1945,30 @@
$
</screen>
</informalexample>
+
+ <para>Next, ensure that Apache has access to the modules which
+ provide the Basic authentication and related
+ functionality: <literal>mod_auth_basic</literal>,
+ <literal>mod_authn_file</literal>, and
+ <literal>mod_authz_user</literal>. In many cases, these
+ modules are compiled into <command>httpd</command> itself,
+ but if not, you might need to explicitly load one or more of
+ them using the <literal>LoadModule</literal> directive:</para>
- <para>Next, add some more directives inside the
- <literal><Location></literal> block to tell Apache how
- to use the password file:</para>
+ <informalexample>
+ <programlisting>
+LoadModule auth_basic_module modules/mod_auth_basic.so
+LoadModule authn_file_module modules/mod_authn_file.so
+LoadModule authz_user_module moduels/mod_authz_user.so
+</programlisting>
+ </informalexample>
+ <para>After ensuring the Apache has access to the required
+ functionality, you'll need to add some more directives
+ inside the <literal><Location></literal> block to tell
+ Apache what type of authentication you wish to use, and just
+ how to to so:</para>
+
<informalexample>
<programlisting>
<Location /svn>
@@ -1959,6 +1978,7 @@
# Authentication: Basic
AuthName "Subversion repository"
AuthType Basic
+ AuthBasicProvider file
AuthUserFile /etc/svn-auth.htpasswd
</Location>
</programlisting>
@@ -1978,6 +1998,12 @@
authentication to use.</para>
</listitem>
<listitem>
+ <para><literal>AuthBasicProvider</literal> specifies the
+ Basic authentication provider to use for the location.
+ In our example, we wish to consult a local password
+ file.</para>
+ </listitem>
+ <listitem>
<para><literal>AuthUserFile</literal> specifies the
location of the password file to use.</para>
</listitem>
@@ -2004,6 +2030,7 @@
# Authentication: Basic
AuthName "Subversion repository"
AuthType Basic
+ AuthBasicProvider file
AuthUserFile /etc/svn-auth.htpasswd
# Authorization: Authenticated users only
@@ -2016,6 +2043,17 @@
for more detail on the <literal>Require</literal> directive
and other ways to set authorization policies.</para>
+ <note>
+ <para>The default value of the
+ <literal>AuthBasicProvider</literal> option is
+ <literal>file</literal>, so we won't bother including
+ it in future examples. Just know that if in a broader
+ context you've set this value to something else, you'll
+ need to explicitly reset it to <literal>file</literal>
+ within your Subversion <literal><Location></literal>
+ block in order to get that behavior.</para>
+ </note>
+
</sect3>
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
@@ -2033,8 +2071,10 @@
verifies that the hashes match.</para>
<para>Configuring Apache to use Digest authentication is
- straightforward, with only small variations on our prior
- example:</para>
+ straightforward. You'll need to ensure that
+ the <literal>mod_auth_digest</literal> module is available
+ (instead of <literal>mod_auth_basic</literal>), and then
+ make a few small variations on our prior example:</para>
<informalexample>
<programlisting>
@@ -2045,6 +2085,7 @@
# Authentication: Digest
AuthName "Subversion repository"
AuthType Digest
+ AuthDigestProvider file
AuthUserFile /etc/svn-auth.htdigest
# Authorization: Authenticated users only
@@ -2056,17 +2097,29 @@
<para>Notice that <literal>AuthType</literal> is now set to
<literal>Digest</literal>, and we specify a different path
for <literal>AuthUserFile</literal>. Digest authentication
- uses a different file format than Basic authentication; it
- is created using Apache's <command>htdigest</command>
+ uses a different file format than Basic authentication,
+ created and managed using Apache's <command>htdigest</command>
utility<footnote><para>See
<ulink url="http://httpd.apache.org/docs/current/programs/htdigest.html"
- />.</para></footnote> rather
- than <command>htpasswd</command>. Digest authentication
- also has the additional concept of a
+ />.</para></footnote> rather than <command>htpasswd</command>.
+ Digest authentication also has the additional concept of a
<quote>realm</quote>, which must match the value of the
- <literal>AuthName</literal> directive. The password file
- can be created as follows:</para>
+ <literal>AuthName</literal> directive.</para>
+ <note>
+ <para>For digest authentication, the authentication provider
+ is selected using the <literal>AuthDigestProvider</literal>
+ as shown in the previous example. As was the case with
+ the <literal>AuthBasicProvider</literal> directive,
+ <literal>file</literal> is the default value of the
+ <literal>AuthDigestProvider</literal> option, so this
+ line is not strictly required unless you need to override
+ a different value thereof inherited from a broader
+ configuration context.</para>
+ </note>
+
+ <para>The password file can be created as follows:</para>
+
<informalexample>
<screen>
$ ### First time: use -c to create the file
More information about the svnbook-dev
mailing list