Apache HTTP Server Version 2.5
Apache HTTP Server Version 2.5
| Description: | Core Token Handling |
|---|---|
| Status: | Base |
| Module Identifier: | autht_core_module |
| Source File: | mod_autht_core.c |
| Compatibility: | Available in Apache 2.5 and later |
This module provides core token handling capabilities to
allow or deny access to portions of the web site.
mod_autht_core provides directives that are
common to all token providers.
Extended token providers can be created within the configuration
file and assigned an alias name. The alias providers can then be
referenced through the
AuthBearerProvider
directive in the same way as a base token provider. Besides the
ability to create and alias an extended provider, it also allows
the same extended token provider to be reference by multiple
locations.
This example checks for JWT token signatures in two different secret files.
# Check here first
<AuthtProviderAlias jwt jwt1>
AuthtJwtVerify hs256 file "/www/conf/realm1.secret"
</AuthtProviderAlias>
# Then check here
<AuthtProviderAlias jwt jwt2>
AuthtJwtVerify hs256 file "/www/conf/realm2.secret"
</AuthtProviderAlias>
<Directory "/var/web/pages/secure">
AuthBearerProvider jwt1 jwt2
AuthType Basic
AuthName "Protected Area"
Require valid-user
</Directory>
| Description: | Enclose a group of directives that represent an extension of a base token provider and referenced by the specified alias |
|---|---|
| Syntax: | <AuthtProviderAlias baseProvider Alias>
... </AuthtProviderAlias> |
| Context: | server config |
| Status: | Base |
| Module: | mod_autht_core |
<AuthtProviderAlias> and
</AuthtProviderAlias> are used to enclose a group of
authentication directives that can be referenced by the alias name
using the
AuthBearerProvider.