Module ngx_http_auth_basic_module
优质
小牛编辑
131浏览
2023-12-01
The ngx_http_auth_basic_module module allows to limit access to resources by validating the user name and password using the “HTTP Basic Authentication” protocol.
Access can also be limited by address. Simultaneous limitation of access by address and by password is controlled by the satisfy directive.
Example Configuration
location / {
auth_basic "closed site";
auth_basic_user_file conf/htpasswd;
}
Directives
| syntax: | auth_basic |
| default: | auth_basic off; |
| context: | http, server, location, limit_except |
Enables validation of user name and password using the “HTTP Basic Authentication” protocol. The specified parameter is used as a realm. Value of the parameter can contain variables (1.3.10). The special value off allows to cancel the effect of the auth_basic directive inherited from the previous configuration level.
| syntax: | auth_basic_user_file |
| default: | — |
| context: | http, server, location, limit_except |
Specifies a file that keeps user names and passwords, in the following format:
# comment name1:password1 name2:password2:comment name3:password3
The following password types are supported:
- encrypted with the
crypt()function; can be generated using the “htpasswd” utility from the Apache HTTP Server distribution or the “openssl passwd” command; - hashed with the Apache variant of the MD5-based password algorithm (apr1); can be generated with the same tools;
- specified by the “
{scheme}data” syntax (1.0.3+) as described in RFC 2307; currently implemented schemes includePLAIN(an example one, should not be used) andSSHA(salted SHA-1 hashing, used by some software packages, notably OpenLDAP and Dovecot).