summaryrefslogtreecommitdiff
path: root/www/ap24-authnz-external/DESCR
blob: 0a4e81c24c12b93f53344967e583339123c01d97 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
The Apache HTTP Daemon can be configured to require users to supply logins
and passwords before accessing pages in some directories. Authentication is
the process of checking if the password given is correct for a user. Apache
has standard modules for authenticating out of several different kinds of
databases. The external authentication module provides a flexible tool for
creating authentication systems based on other databases.

The module can be used in either of two somewhat divergent ways:
1) External Authentication:

When a user supplies a login and password, mod_auth*_external runs a program
you write, passing it the login and password. Your program does whatever
checking and logging it needs to, and then returns a Accept/Reject flag to
Apache.

2) Hardcoded Authentication:

Some hooks have been inserted into mod_auth*_external to make it easy to
replace the call to the external authentication program with a call to a
hardcoded internal authentication routine that you write.