NAME Apache::MultiAuth - Choose from a number of authentication modules at runtime SYNOPSIS Put lines like this in your httpd.conf. In this example authorization is requested for accessing the directory /test. First the credentials (username, password) are checked against the module Apache::AuthSybase and then against the module Apache::AuthenSmb. If any of them succeeds, access to /test is granted. # in httpd.conf # Important : if not set apachectl configtest will complain about syntax errors PerlModule Apache::MultiAuth <Location /test> AuthName Test AuthType Basic # PerlSetVars for various Apache::Auth* modules # These here are example values for Apache::AuthenSmb PerlSetVar myPDC SAMBA PerlSetVar myDOMAIN ARBEITSGRUPPE # Define order and class of Auth modules to try AuthModule Apache::AuthSybase Apache::AuthenSmb PerlAuthenHandler Apache::MultiAuth require valid-user </Location> DESCRIPTION Apache::MultiAuth allows you to specify multiple authentication modules, to be tried in order. If any module in the list returns OK, then the user is considered authenticated; if none return OK, then the MultiAuth module returns AUTH_REQUIRED and the user is reprompted for credentials. This, depending on the browser, results in a 401 authorization required message. This is useful for cases where, for example, you have several authentication schemes: for example, NIS, SMB, and htpasswd, and some of your users are only registered in some of the auth databases. Using Apache::MultiAuth, they can be queried in order until the right one is found. In the event that one of these modules returns OK, a note named "AuthenticatedBy" will be set, which contains the name of the module that returned OK, like so: $r->notes("AuthenticatedBy" => "Module::Name"); This can be retrieved by any handler that runs after the authentication phase, and can be very useful in logging: CustomLog "%h %l %u %t \"%r\" %>s %b %{AuthenticatedBy}n" common_auth The last field in the common_auth log format will be the name of the module that handled the authentication. CONFIGURATION DIRECTIVES Apache::MultiAuth allows you to name a number of authentication modules, using the AuthModule directive. These modules are queried, in the order they are provided, until one of them returns OK. Apache::MultiAuth then condiders authentication to be successful, and processing continues. If none of the provided authentication modules returns OK, Apache::MultiAuth passes AUTH_REQUIRED to apache, which results in a 401 Authorization required error. AUTHORS Stathy G. Touloumis Marcel M. Weber Darren Chamberlain