Add documentation
v3.2.3 (Jan Wolter - Feb 26, 2009)
-----------------------------------------------
* Added GroupExternalError directive, which allows you to specify the
HTTP error code to be returned if the group access check fails.
Defaut is 401, but you may want to return 403 if you want to show the
user an error page instead of asking him to login again. Thanks to
Peter Crawshaw <pcrawshaw@mta.ca> for this patch.
* In hopes of getting to a more consistantly named set of directives,
added new aliases for two old directives:
GroupExternalAuthoritative alias for AuthzExternalAuthoritative
GroupExternalManyAtOnce alias for AuthExternalGroupsAtOnce
Documentation updated to refer primarily to the new names.
v3.2.2 (Jan Wolter - Dec 1, 2008)
-----------------------------------------------
THIS RELEASE UPDATES DOCUMENTATION ONLY!
* Improved documentation of AuthExternalContext directive in the INSTALL
file.
* Added documentation to the UPGRADE file on interactions between multiple
Require directives.
The Apache HTTP Daemon can be configured to require users to supply logins
and passwords before accessing pages in some directories. Authentication is
the process of checking if the password given is correct for a user. Apache
has standard modules for authenticating out of several different kinds of
databases. The external authentication module provides a flexible tool for
creating authentication systems based on other databases.
The module can be used in either of two somewhat divergent ways:
1) External Authentication:
When a user supplies a login and password, mod_auth*_external runs a program
you write, passing it the login and password. Your program does whatever
checking and logging it needs to, and then returns a Accept/Reject flag to
Apache.
2) Hardcoded Authentication:
Some hooks have been inserted into mod_auth*_external to make it easy to
replace the call to the external authentication program with a call to a
hardcoded internal authentication routine that you write.
