mod_authz_groupfile

mod_authz_groupfile overview

mod_authz_groupfile module provides authorization to specific parts of the site based on user's group membership.

 

mod_authz_groupfile directives

AuthGroupFile

Description: Sets the name of a text file containing the list of user groups for authorization
Syntax: AuthGroupFile file-path
Context: directory, .htaccess
Module: mod_authz_groupfile

AuthGroupFile directive specifies the name of the text file containing the list of user groups for user authorization. File-path is the path to the group file. If it is not absolute, it is treated as relative to the ServerRoot.

Each line of the group file contains a groupname, colon and space-separated members usernames.

Example:

group1: jim frank sue

Security note! Don't locate AuthGroupFile inside the directory that it protects and inside web-server document tree. Otherwise, clients will have a chance to download AuthGroupFile.

 

AuthzGroupFileAuthoritative

Description: Sets whether authorization will be passed on to lower level modules
Syntax: AuthzGroupFileAuthoritative On|Off
Default: AuthzGroupFileAuthoritative On
Context: directory, .htaccess
Module: mod_authz_groupfile

If AuthzGroupFileAuthoritative is set to off and no group got matched against specified userID, group authorization will be passed to lower level modules (if any).