ASF Bugzilla – Full Text Bug Listing
|Summary:||A wrong example is given in the manual of "mod_authn_anon". Plz correct it. Thx|
|Product:||Apache httpd-2||Reporter:||Tianyin Xu <tixu>|
|Component:||Documentation||Assignee:||HTTP Server Documentation List <docs>|
Description Tianyin Xu 2012-03-08 01:32:47 UTC
Hi, The only example given in mod_authn_anon is incorrect: please check http://httpd.apache.org/docs/2.4/mod/mod_authn_anon.html the example is as follows: <Directory /var/www/html/private> AuthName "Use 'anonymous' & Email address for guest entry" AuthType Basic AuthBasicProvider file anon AuthUserFile /path/to/your/.htpasswd Anonymous_NoUserID off Anonymous_MustGiveEmail on Anonymous_VerifyEmail on Anonymous_LogEmail on Anonymous anonymous guest www test welcome Require all granted Require valid-user </Directory> If you configure Apache like this, you are never required to input an anonymous account as well as the email. The problem is due to the conf entry "Require all granted". "When multiple Require directives are used in a single configuration section and are not contained in another authorization directive like <RequireAll>, they are implicitly contained within a <RequireAny> directive. Thus the first one to authorize a user authorizes the entire request, and subsequent Require directives are ignored." Please delete that conf entry. Thanks!!