mod_auth_basic

Overview

mod_auth_basic module enables support of HTTP Basic Authentication to restrict access by looking up users in the given providers. This module should usually be used together with at least one authentication module such as mod_authn_file and one authorization module such as mod_authz_user .

Quick start

Sample mod_basic configuration in .htaccess

# Authentication type
AuthType Basic
# Name of area authentication will be used for (aka realm)
AuthName "secret area"
# Authentication provider. Here - mod_authn_file
AuthBasicProvider file
# Info for mod_authn_file - path to password file
AuthUserFile c:\inetpub\.htpasswds
# Access will be granted to all authenticated users
Require valid-user

Related articles and topics

Enviroment variables

Name Context Description
on_auth_create_user S V D .h creates ASP.NET context user

By default mod_auth_basic does not create ASP.NET context user. If you want it to be created, put the following line into the corresponding config:

SetEnv on_auth_create_user

Directives

Name Context Description
AuthBasicAuthoritative S V D .h defines whether authorization and authentication are passed to lower level modules
AuthBasicProvider S V D .h sets the authentication provider(s) for this location

AuthBasicAuthoritative

AuthBasicAuthoritative directive defines whether authorization and authentication are passed to lower level modules.

Normally, each authorization module listed in AuthBasicProvider will attempt to verify the user, and if the user is not found in any provider, access will be denied with "401 Authorization Required" response. Setting AuthBasicAuthoritative directive to Off allows to pass both authentication and authorization to other non-provider-based modules (e.g. to modules that cannot be defined in AuthBasicProvider directive).

Syntax

AuthBasicAuthoritative On|Off

AuthBasicProvider

AuthBasicProvider directive sets which provider is used for user authentication. The default provider is mod_authn_file module.

Syntax

AuthBasicProvider provider-name ...

Default

AuthBasicProvider file

Example

<Location /secure>
  AuthType basic
  AuthName "private area"
  AuthBasicProvider file
  AuthUserFile c:\inetpub\users\conf\.htpasswds
  Require valid-user
</Location>