Enviroment variables
| Name |
Context |
Description |
| enable_plaintext_passwords |
S V D.h |
Enables plain text passwords in password file; by default it is disabled |
Directives
| Name |
Context |
Description |
| AuthUserFile |
D.h |
sets the name of a text file containing the list of users and passwords for authentication |
AuthUserFile
AuthUserFile directive specifies the name of a text file containing the list of user-password pairs for user authentication. File-path is the path to the user file. If it is not absolute, it is treated as relative to the current configuration file ( httpd.conf or .htaccess ).
Note! You can put several AuthUserFile directives into the config file thus enabling Ape to load passwords from several files that may be helpful for logical divison of users into groups (not supported in Apache) .
Syntax
AuthUserFile file-path
Example
AuthUserFile H:\root\home\your root path\.htpasswds
AuthUserFile H:\root\home\your root path\.htpasswds
Each line of password file contains a username, colon and encrypted user password. If the same username occurs several times, mod_authn_file will verify the password against the first occurrence.
Passwords can be easily generated directly from the Helicon Ape Manager. Having opened the Manager, create new file ( File -> New ) and go to Options -> Insert user password... ; you'll see the dialog allowing generation of user passwords for Basic and Digest authentication.
To apply this module to, for example, mod_auth_basic or mod_auth_digest, it should be defined in AuthBasicProvider or AuthDigestProvider respectively with file value.
That is the most usable authentication method as it is the simplest. Moreover, the password file may be edited manually. The shortcoming of this method is that it becomes very sluggish when the number of users grows up.
Security note! Don't locate passwords file inside the directory that it protects and inside web-server document tree. Otherwise, clients will have a chance to download it.