mod_auth_basic

mod_auth_basic overview

mod_auth_basic module enables support of HTTP Basic Authentication to restrict access by looking up users in the given providers. This module should usually be used together with at least one authentication module such as mod_authn_file and one authorization module such as mod_authz_user.

Note!
By default mod_auth_basic does not create ASP.Net context user. If you want it to be created, put the following line into the corresponding config: 

SetEnv on_auth_create_user

mod_auth_basic directives

AuthBasicAuthoritative

Description: Sets whether authorization and authentication are passed to lower level modules
Syntax: AuthBasicAuthoritative On|Off
Default: AuthBasicAuthoritative On
Context: directory, .htaccess
Module: mod_auth_basic

Normally, each authorization module listed in AuthBasicProvider will attempt to verify the user, and if the user is not found in any provider, access will be denied with "401 Authorization Required" response. Setting AuthBasicAuthoritative directive to off allows to pass both authentication and authorization to other non-provider-based modules (e.g. to modules that cannot be defined in AuthBasicProvider directive).

AuthBasicProvider

Description: Sets the authentication provider(s) for this location
Syntax: AuthBasicProvider provider-name [provider-name] ...
Default: AuthBasicProvider file
Context: directory, .htaccess
Module: mod_auth_basic

AuthBasicProvider directive sets which provider is used for user authentication. The default provider is mod_authn_file module.

Example: 

<Location /secure>
	AuthType basic
	AuthName "private area"
	AuthBasicProvider file
	AuthUserFile /etc/apache2/conf/.htpasswds
	Require valid-user
</Location>