Apache2::UserDirAuthz - simple one directory per username access control
PerlSetVar userdirrealms example.org,example.com <Location /> AuthType Kerberos # should work with any authtype Require valid-user PerlAuthzHandler Apache2::UserDirAuthz </Location>
When used as a PerlAuthzHandler with Apache+mod_perl, Apache2::UserdirAuthz will perform simple access control, where each user has access to the part of the hierarchy named after their username. For example, a user "tom" will have access to all locations under
/tom/, such as
/tom/logo.png, and so on.
If the username contains an @, the part after the @ can be conditionally stripped off by setting
PerlSetVar. This is useful when using with Kerberos, where usernames are of the form
user@realm. To set realm stripping for multiple realms, separate with commas, as demonstrated in the SYNOPSIS.
Any requests for paths outside the user's own prefix result in a 401 response (the handler returns
If the username contains a slash, this is taken literally when constructing the prefix for the (path portion of the) URI. So, if the username is
host/foo.example.org@EXAMPLE.ORG, and the
EXAMPLE.ORG realm is stripped, then the user will have access to URIs under
Tom Jones <email@example.com>