5.8. Anonymous Access
It often happens that even though you have passwords controlling the access to certain things on your site, you also want to allow guests to come and sample the site's joys -- probably a reduced set of joys, mediated by the username passed on by the client's browser. The Apache module mod_auth_anon.c allows you to do just this. It should be compiled in automatically -- check by looking at Configuration. If it wasn't compiled in, you may get this unnerving error message:
User webuser Group webgroup ServerName www.butterthlies.com IdentityCheckon NameVirtualHost 192.168.123.2 <VirtualHost www.butterthlies.com> #CookieLog logs/cookies ServerAdmin firstname.lastname@example.org DocumentRoot /usr/www/site.anon/htdocs/customers ServerName www.butterthlies.com ErrorLog /usr/www/site.anon/logs/customers/error_log TransferLog /usr/www/site.anon/logs/access_log ScriptAlias /cgi-bin /usr/www/cgi-bin </VirtualHost> <VirtualHost sales.butterthlies.com> CookieLog logs/cookies ServerAdmin email@example.com DocumentRoot /usr/www/site.anon/htdocs/salesmen ServerName sales.butterthlies.com ErrorLog /usr/www/site.anon/logs/error_log TransferLog /usr/www/site.anon/logs/salesmen/access_log ScriptAlias /cgi-bin /usr/www/cgi-bin <Directory /usr/www/site.anon/htdocs/salesmen> AuthType Basic AuthName darkness AuthUserFile /usr/www/ok_users/sales AuthGroupFile /usr/www/ok_users/groups require valid-user Anonymous_Authoritative off Anonymous guest anonymous air-head </Directory> <Directory /usr/www/cgi-bin> AuthType Basic AuthName darkness AuthUserFile /usr/www/ok_users/sales AuthGroupFile /usr/www/ok_users/groups #AuthDBMUserFile /usr/www/ok_dbm/sales #AuthDBMGroupFile /usr/www/ok_dbm/groups require valid-user </Directory> </VirtualHost>
Run go and try accessing http://sales.butterthlies.com/. You should be asked for a password in the usual way. The difference is that now you can also get in by being guest, air-head , or anonymous. The Anonymous directives follow.
Anonymous userid1 userid2 ...
If on, users can leave the ID field blank but must put something in the password field.
If on, accesses are logged to ... /logs/httpd_log or to the log set by TransferLog.
The user ID must contain at least one "@" and one "."
If this directive is on and the client fails anonymous authorization, he fails all authorization. If it is off, other authorization schemes will get a crack at him.
The user must give an email ID as a password.
Copyright © 2001 O'Reilly & Associates. All rights reserved.