1<?xml version="1.0" encoding="ISO-8859-1"?> 2<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 3<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- 4 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 5 This file is generated from xml source: DO NOT EDIT 6 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 7 --> 8<title>mod_authn_file - Apache HTTP Server</title> 9<link href="/style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> 10<link href="/style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> 11<link href="/style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="/style/css/prettify.css" /> 12<script src="/style/scripts/prettify.js" type="text/javascript"> 13</script> 14 15<link href="/images/favicon.ico" rel="shortcut icon" /></head> 16<body> 17<div id="page-header"> 18<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p> 19<p class="apache">Apache HTTP Server Version 2.2</p> 20<img alt="" src="/images/feather.gif" /></div> 21<div class="up"><a href="./"><img title="<-" alt="<-" src="/images/left.gif" /></a></div> 22<div id="path"> 23<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.2</a> > <a href="./">Modules</a></div> 24<div id="page-content"> 25<div id="preamble"><h1>Apache Module mod_authn_file</h1> 26<div class="toplang"> 27<p><span>Available Languages: </span><a href="/en/mod/mod_authn_file.html" title="English"> en </a> | 28<a href="/fr/mod/mod_authn_file.html" hreflang="fr" rel="alternate" title="Fran�ais"> fr </a> | 29<a href="/ja/mod/mod_authn_file.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> | 30<a href="/ko/mod/mod_authn_file.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p> 31</div> 32<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>User authentication using text files</td></tr> 33<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Base</td></tr> 34<tr><th><a href="module-dict.html#ModuleIdentifier">Module�Identifier:</a></th><td>authn_file_module</td></tr> 35<tr><th><a href="module-dict.html#SourceFile">Source�File:</a></th><td>mod_authn_file.c</td></tr> 36<tr><th><a href="module-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.1 and later</td></tr></table> 37<h3>Summary</h3> 38 39 <p>This module provides authentication front-ends such as 40 <code class="module"><a href="/mod/mod_auth_digest.html">mod_auth_digest</a></code> and <code class="module"><a href="/mod/mod_auth_basic.html">mod_auth_basic</a></code> 41 to authenticate users by looking up users in plain text password files. 42 Similar functionality is provided by <code class="module"><a href="/mod/mod_authn_dbm.html">mod_authn_dbm</a></code>.</p> 43 44 <p>When using <code class="module"><a href="/mod/mod_auth_basic.html">mod_auth_basic</a></code> or 45 <code class="module"><a href="/mod/mod_auth_digest.html">mod_auth_digest</a></code>, this module is invoked via the 46 <code class="directive"><a href="/mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> or 47 <code class="directive"><a href="/mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code> 48 with the <code>file</code> value.</p> 49</div> 50<div id="quickview"><h3 class="directives">Directives</h3> 51<ul id="toc"> 52<li><img alt="" src="/images/down.gif" /> <a href="#authuserfile">AuthUserFile</a></li> 53</ul> 54<h3>See also</h3> 55<ul class="seealso"> 56<li> 57 <code class="directive"><a href="/mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> 58</li> 59<li> 60 <code class="directive"><a href="/mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code> 61</li> 62<li><code class="program"><a href="/programs/htpasswd.html">htpasswd</a></code></li> 63<li><code class="program"><a href="/programs/htdigest.html">htdigest</a></code></li> 64</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div> 65 66<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div> 67<div class="directive-section"><h2><a name="AuthUserFile" id="AuthUserFile">AuthUserFile</a> <a name="authuserfile" id="authuserfile">Directive</a></h2> 68<table class="directive"> 69<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets the name of a text file containing the list of users and 70passwords for authentication</td></tr> 71<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthUserFile <var>file-path</var></code></td></tr> 72<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr> 73<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr> 74<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr> 75<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authn_file</td></tr> 76</table> 77 <p>The <code class="directive">AuthUserFile</code> directive sets the name 78 of a textual file containing the list of users and passwords for 79 user authentication. <var>File-path</var> is the path to the user 80 file. If it is not absolute, it is treated as relative to the 81 <code class="directive"><a href="/mod/core.html#serverroot">ServerRoot</a></code>.</p> 82 83 <p>Each line of the user file contains a username followed by 84 a colon, followed by the encrypted password. If the same user 85 ID is defined multiple times, <code class="module"><a href="/mod/mod_authn_file.html">mod_authn_file</a></code> will 86 use the first occurrence to verify the password.</p> 87 88 <p>The utility <code class="program"><a href="/programs/htpasswd.html">htpasswd</a></code> 89 which is installed as part of the binary distribution, or which 90 can be found in <code>src/support</code>, is used to maintain 91 the password file for <em>HTTP Basic Authentication</em>. See the 92 <a href="/programs/htpasswd.html">man page</a> for more details. 93 In short:</p> 94 95 <p>Create a password file <code>Filename</code> with 96 <code>username</code> as the initial ID. It will prompt for 97 the password:</p> 98 99 <div class="example"><p><code> 100 htpasswd -c Filename username 101 </code></p></div> 102 103 <p>Add or modify <code>username2</code> in the password file 104 <code>Filename</code>:</p> 105 106 <div class="example"><p><code> 107 htpasswd Filename username2 108 </code></p></div> 109 110 <p>Note that searching large text files is <em>very</em> 111 inefficient; <code class="directive"><a href="/mod/mod_authn_dbm.html#authdbmuserfile">AuthDBMUserFile</a></code> should be used 112 instead.</p> 113 114 <p>If you are using <em>HTTP Digest Authentication</em>, the <code class="program"><a href="/programs/htpasswd.html">htpasswd</a></code> tool is not sufficient. 115 You have to use <code class="program"><a href="/programs/htdigest.html">htdigest</a></code> 116 instead. Note that you cannot mix user data for Digest Authentication 117 and Basic Authentication within the same file.</p> 118 119 <div class="warning"><h3>Security</h3> 120 <p>Make sure that the <code class="directive">AuthUserFile</code> is 121 stored outside the document tree of the web-server. Do 122 <strong>not</strong> put it in the directory that it protects. 123 Otherwise, clients may be able to download the 124 <code class="directive">AuthUserFile</code>.</p> 125 </div> 126 127</div> 128</div> 129<div class="bottomlang"> 130<p><span>Available Languages: </span><a href="/en/mod/mod_authn_file.html" title="English"> en </a> | 131<a href="/fr/mod/mod_authn_file.html" hreflang="fr" rel="alternate" title="Fran�ais"> fr </a> | 132<a href="/ja/mod/mod_authn_file.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> | 133<a href="/ko/mod/mod_authn_file.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p> 134</div><div class="top"><a href="#page-header"><img src="/images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div> 135<script type="text/javascript"><!--//--><![CDATA[//><!-- 136var comments_shortname = 'httpd'; 137var comments_identifier = 'http://httpd.apache.org/docs/2.2/mod/mod_authn_file.html'; 138(function(w, d) { 139 if (w.location.hostname.toLowerCase() == "httpd.apache.org") { 140 d.write('<div id="comments_thread"><\/div>'); 141 var s = d.createElement('script'); 142 s.type = 'text/javascript'; 143 s.async = true; 144 s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier; 145 (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s); 146 } 147 else { 148 d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>'); 149 } 150})(window, document); 151//--><!]]></script></div><div id="footer"> 152<p class="apache">Copyright 2013 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> 153<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!-- 154if (typeof(prettyPrint) !== 'undefined') { 155 prettyPrint(); 156} 157//--><!]]></script> 158</body></html>
