Authn/Authz

Although the first change—the configuration file rearrangement—is largely cosmetic, this next change is very significant, and one of the major reasons that you want to upgrade to 2.2.

Prior to 2.2, the authentication and authorization landscape was fairly limited. Each authentication module defined the authentication type (Basic or Digest) and the mechanism for storing the user credentials (username and password) and group information.

This meant that if you wanted to mix and match—say, if you wanted to use digest authentication and store your passwords in DBM files—there simply wasn’t any way to do that.

With authentication and authorization in 2.2, these choices are made independently. You select the AuthType and then select an AuthProvider to indicate where your user credentials will be stored.

This work began in the 2.0 versions, but it was decided to not release it until 2.2, since it is a significant change that requires administrators to change the syntax that they use for configuration. The good news here is that if you’re using the most common configuration—Basic authentication using text password files—the old style configuration will continue to work without changes.

However, you should become familiar with the new configuration syntax, so that you can take advantage of the new flexibility it offers.

Examples

Consider the following simple examples. First, this is the configuration for Basic authentication, with the passwords stored in a text file, generated with ...

Get What's New in Apache Web Server 2.2? now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.