Updated documentation.

author Philipp Spitzer <philipp@spitzer.priv.at>

Tue, 15 Apr 2014 19:36:34 +0000 (21:36 +0200)

committer Philipp Spitzer <philipp@spitzer.priv.at>

Tue, 15 Apr 2014 19:36:34 +0000 (21:36 +0200)
author Philipp Spitzer <philipp@spitzer.priv.at>
Tue, 15 Apr 2014 19:36:34 +0000 (21:36 +0200)
committer Philipp Spitzer <philipp@spitzer.priv.at>
Tue, 15 Apr 2014 19:36:34 +0000 (21:36 +0200)
diff --git a/doc/apache2.txt b/doc/apache2.txt

index db60660497cecbe39aeb303fc28020211c00838b..79563e249d1e0fe72780f970c5d108d574b151db 100644 (file)
--- a/doc/apache2.txt
+++ b/doc/apache2.txt
@@ -1,22 +1,66 @@
-# Add a virtual host similar than that:
+# Add a virtual host similar than that (for apache 2.4):
  # (e.g. in /etc/apache2/sites-available/example.com.conf)
  #
-# The Rewrite* lines are necessary to prevent mod_cgi to filter the Authorization HTTP header.
+# Note that apache has to do authentication/authorization
+# as well if needed (which will normally be the case).
+# Normally, AuthBasic is used by DYNDNS systems.
+# See: http://wiki.apache.org/httpd/PasswordBasicAuth
  
  <VirtualHost *:80>
-  SSLEngine Off
    ServerName dyndns.example.com
    ServerAdmin webmaster@example.com
-  DocumentRoot /var/www/tdyndns
-  DirectoryIndex tdyndns.py
+
    ErrorLog /var/log/apache2/error.log
    CustomLog /var/log/apache2/access.log combined
+
+  DocumentRoot /var/www/tdyndns
+
    <Directory /var/www/tdyndns>
+         DirectoryIndex tdyndns.py
        SetHandler cgi-script
        Options ExecCGI FollowSymLinks
-      RewriteEngine on
-      RewriteCond %{HTTP:Authorization} ^(.*)
-      RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
+
+         AuthType Basic
+         AuthName "tdyndns authorization"
+         AuthUserFile "/etc/tdyndns/.htpasswd"
+         Require valid-user
    </Directory>
+
  </VirtualHost>
  
+
+
+# Hint: For clients that do not support AuthBasic (if there should be any),
+# the "AuthBasicFake" parameter might be an option to overcome this.
+
+
+
+
+As an example for an non-standard authorization method, we provided the script
+tdyndns_auth_simplepwd that just checks whether the user is present in the
+system and whether a certain password is given:
+
+<VirtualHost *:80>
+  ServerName dyndns.example.com
+  ServerAdmin webmaster@example.com
+
+  ErrorLog /var/log/apache2/error.log
+  CustomLog /var/log/apache2/access.log combined
+
+  DocumentRoot /var/www/tdyndns
+
+  DefineExternalAuth tdyndnsauth environment /usr/local/bin/tdyndns_auth_simplepwd
+
+  <Directory /var/www/tdyndns>
+         DirectoryIndex tdyndns.py
+      SetHandler cgi-script
+      Options ExecCGI FollowSymLinks
+
+      AuthType Basic
+      AuthBasicProvider external
+      AuthExternal tdyndnsauth
+      AuthName "tdyndns authorization"
+      Require valid-user
+  </Directory>
+
+</VirtualHost>
author	Philipp Spitzer <philipp@spitzer.priv.at>
	Tue, 15 Apr 2014 19:36:34 +0000 (21:36 +0200)
committer	Philipp Spitzer <philipp@spitzer.priv.at>
	Tue, 15 Apr 2014 19:36:34 +0000 (21:36 +0200)