![[NANOWEB DOCUMENTATION]](/icons/nanoweb.png){kind=icon}
NANOWEB, the aEGiS PHP web server
HTTP Authentication
The authentication feature is part of the hypertext transport protocol (HTTP), and allows to restrict access to specified directories or complete areas with login names and passwords.NANOWEB allows this very flexible, again due to its modular structure. Currently there exist 9 extensions modules for HTTP authentication:
| mod_auth_simple | SIMPLE | User names and passwords are kept in one of the configuration files. |
| mod_auth_htpasswd | HTPASSWD | Authentication files from the apache webserver can be used with this module. |
| mod_auth_nwauth | NWAUTH | Nanoweb authentication files are much like the apache ones. |
| mod_auth_mysql | MYSQL | This module expects login/password pairs to be listed in a MySQL database. |
| mod_auth_pgsql | PGSQL | PostgreSQL database authentication. |
| mod_auth_ldap | LDAP | Authentication data from LDAP. |
| mod_auth_anydb | ANYDB | Any database supported by either PEAR::DB, ADOdb or PHP_dbx can be used for authentication. |
| mod_auth_anonymous | ANONYMOUS | Anonymous login (like with FTP). |
| mod_auth_subversion | SUBVERSION | Subversion repository authentication. |
In order to use them, you have of course to load them into the server (using the LoadModule directive). You can load all authentication modules together, as authentication can be activated with one of them on a per-directory basis (in .nwaccess files), for example:
AuthRealm = Info: Directory password required! AuthRequire = SIMPLE AuthSimpleUserPass = ...
In this example config file the »SIMPLE« authentication scheme (from mod_auth_simple) is used. But for another directory you could use a apache password file with "AuthRequire=HTPASSWD".
# two methods combined => logical OR AuthRequire = SIMPLE AuthRequire = MYSQL
If you combine two AuthRequire directives in one configuration file (.nwaccess) like in the above example, the user will be granted access if its login name and password are verified by one of the authentication modules (logical OR). This way you could specify system-wide authentication data for a few people only with mod_auth_simple and grant thousands of other users access via mod_auth_mysql where required.
# Require auth only for some locations AuthRequire = SIMPLE AuthLocation = /admin/ AuthLocation = /site/admin.php
Using the AuthLocation in the global, virtualhost, or access file will restrict the need for authentication to the specified locations.