mod_authz_groupfile
Overview
mod_authz_groupfile module provides authorization to specific parts of the site based on user's group membership.
Quick start
Sample mod_auth_basic & mod_authz_groupfile configuration in .htaccess
# Authentication type
AuthType Basic
# Name of area authentication will be used for (aka realm)
AuthName "secret area"
# Authentication provider. Here - mod_authn_file
AuthBasicProvider file
# Path to password file
AuthUserFile c:\inetpub\users\.htpasswds
# Path to group file
AuthGroupFile c:\inetpub\users\.groups
# Access will be granted to all authenticated users from 'admins' group
Require group admins
Sample of .htpasswds file:
john:jhnpswd
bill:billsecret
jack:jack123
Sample of .groups file:
# admins group
admins: john jack
# users group
users: john bill jack
Related articles and topics
Directives
AuthGroupFile
AuthGroupFile directive specifies the name of the text file
containing the list of user groups for user authorization. File-path
is the path to the group file. If it is not absolute, it is treated as relative
to the current configuration file (httpd.conf or .htaccess).
Syntax
AuthGroupFile file-path
Each line of the group file contains a groupname, colon and space-separated
members usernames.
operators: bill george barak
Security note!
Don't locate AuthGroupFile inside the directory that it protects
and inside web-server document tree. Otherwise, clients will have a chance to
download groups file.
AuthzGroupFileAuthoritative
Sets whether authorization will be passed on to lower level modules.
If AuthzGroupFileAuthoritative is set to off
and no group got matched against specified userID, group authorization will
be passed to lower level modules (if any).
Syntax
AuthzGroupFileAuthoritative On|Off
Default
AuthzGroupFileAuthoritative On
|
