Google


Module mod_auth_pwcheck

for Apache web server software

© Anton Voronin (anton@urc.ac.ru), 2001.

This module provides the way for user authentication via the system password database using the pwcheck daemon from the Cyrus SASL package.

Status: Extension
Source File: mod_auth_pwcheck.c
Module Identifier: auth_pwcheck_module
Compatibility: Available for Apache 1.1. and later

Summary

This module provides the way for user authentication using the pwcheck daemon from the Cyrus SASL package. This lets the authentication to be done via the system password file without root permissions. The module also optionally provides access control via the system group file instead of any special group file used by the standard mod_auth_* modules.

Unless you wish to do access control using the system group file (i.e. if you are either using "require user ..." directive or using "require group ..." where UseSystemGroupFile is turned off), then you need any of the standard mod_auth_* modules to be in use for doing this authorization.

To have this module working add the user under which your web server is running to the group "cyrus" and ensure that /var/pwcheck is readable and searchable by group.

Directives

See also Satisfy and Require Apache core directives.

AuthPwcheck directive

Syntax: AuthPwcheck < on | off >
Default: AuthPwcheck on
Context: directory, .htaccess
Override: AuthConfig
Status: Extension
Module: mod_auth_pwcheck

This directive turns use of this module on or off. Authentication is done via pwcheck daemon only in those directories where this directive is set to on.

See also AuthName, AuthType, AuthGroupFile and UseSystemGroupFile.

UseSystemGroupFile directive

Syntax: UseSystemGroupFile < on | off >
Default: UseSystemGroupFile on
Context: directory, .htaccess
Override: AuthConfig
Status: Extension
Module: mod_auth_pwcheck

This directive lets you use the system group file (/etc/group) for authorization instead of any special group files used by the standard mod_auth_* apache modules. This sometimes may be useful when you make some parts of your web server document tree to belong to different system groups and wish the authenticated users accessing them to be authorized according to the same groups. If you don't enable this and still wish to do access control using groups, then you should ensure that one of the standard authentication modules is also in use.

See also AuthName, AuthType, AuthGroupFile and AuthPwcheck.

Download version 1.0