<p>Let's examine each of those directives individually. The <code class="directive"><a href="../mod/core.html#authtype">AuthType</a></code> directive selects
that method that is used to authenticate the user. The most
common method is <code>Basic</code>, and this is the method
implemented by <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>. It is important to be aware,
however, that Basic authentication sends the password from the client to
the server unencrypted. This method should therefore not be used for
highly sensitive data, unless accompanied by <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code>.
Apache supports one other authentication method:
<code>AuthType Digest</code>. This method is implemented by <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code> and is much more secure. Most recent
directive sets the path to the password file that we just
created with <code class="program"><a href="../programs/htpasswd.html">htpasswd</a></code>. If you have a large number
of users, it can be quite slow to search through a plain text
file to authenticate the user on each request. Apache also has
the ability to store user information in fast database files.
The <code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code> module provides the <code class="directive"><a href="../mod/mod_authn_dbm.html#authdbmuserfile">AuthDBMUserFile</a></code> directive. These
files can be created and manipulated with the <code class="program"><a href="../programs/dbmmanage.html">dbmmanage</a></code> program. Many
other types of authentication options are available from third
party modules in the <a href="http://modules.apache.org/">Apache Modules
Database</a>.</p>
<p>Finally, the <code class="directive"><a href="../mod/core.html#require">Require</a></code>
directive provides the authorization part of the process by
setting the user that is allowed to access this region of the
server. In the next section, we discuss various ways to use the
<p>Because storing passwords in plain text files has the above
problems, you may wish to store your passwords somewhere else, such
as in a database.</p>
<p><code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code> and <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code> are two
modules which make this possible. Rather than selecting <code><code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> file</code>, instead
you can choose <code>dbm</code> or <code>dbd</code> as your storage
format.</p>
<p>To select a dbd file rather than a text file, for example:</p>
<div class="example"><p><code>
<Directory /www/docs/private><br />
AuthName "Private"<br />
AuthType Basic<br />
AuthBasicProvider dbm<br />
AuthDBMUserFile /www/passwords/passwd.dbm<br />
Require valid-user
</Directory>
</code></p></div>
<p>Other options are available. Consult the
<code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code> documentation for more details.</p>
<code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> and <code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code> which
contain some more information about how this all works.
<code class="module"><a href="../mod/mod_authn_alias.html">mod_authn_alias</a></code> can also help in simplifying certain
authentication configurations.</p>
<p>The various ciphers supported by Apache for authentication data are
explained in <a href="../misc/password_encryptions.html">Password
Encryptions</a>.</p>
<p>And you may want to look at the <a href="access.html">Access
Control</a> howto, which discusses a number of related topics.</p>
</div></div>
<div class="bottomlang">
<p><span>Available Languages: </span><a href="../en/howto/auth.html" title="English"> en </a> |
<a href="../ja/howto/auth.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
<a href="../ko/howto/auth.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
</div><div id="footer">
<p class="apache">Copyright 2007 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>