Mercurial > hg > nginx-site
annotate xml/ru/docs/http/ngx_http_auth_basic_module.xml @ 2769:16f6fa718be2
Updated TLSv1.3 support notes.
Previous notes described some early development snapshot of OpenSSL 1.1.1
with disabled TLSv1.3 by default. It was then enabled in the first alpha.
Further, the updated text covers later major releases such as OpenSSL 3.0.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Thu, 30 Sep 2021 16:29:20 +0300 |
| parents | eeed494bba51 |
| children | 4add6ae1296f |
| rev | line source |
|---|---|
|
222
bfe3eff81d04
Removed redundant encoding specification.
Ruslan Ermilov <ru@nginx.com>
parents:
110
diff
changeset
|
1 <?xml version="1.0"?> |
|
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
2 |
|
580
be54c443235a
Added copyright markers to documentation sources.
Ruslan Ermilov <ru@nginx.com>
parents:
494
diff
changeset
|
3 <!-- |
|
be54c443235a
Added copyright markers to documentation sources.
Ruslan Ermilov <ru@nginx.com>
parents:
494
diff
changeset
|
4 Copyright (C) Igor Sysoev |
|
be54c443235a
Added copyright markers to documentation sources.
Ruslan Ermilov <ru@nginx.com>
parents:
494
diff
changeset
|
5 Copyright (C) Nginx, Inc. |
|
be54c443235a
Added copyright markers to documentation sources.
Ruslan Ermilov <ru@nginx.com>
parents:
494
diff
changeset
|
6 --> |
|
be54c443235a
Added copyright markers to documentation sources.
Ruslan Ermilov <ru@nginx.com>
parents:
494
diff
changeset
|
7 |
|
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
8 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
9 |
| 303 | 10 <module name="Модуль ngx_http_auth_basic_module" |
|
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
11 link="/ru/docs/http/ngx_http_auth_basic_module.html" |
| 589 | 12 lang="ru" |
|
2593
eeed494bba51
Unified phrases about configuration levels and inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
1923
diff
changeset
|
13 rev="10"> |
|
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
14 |
|
110
40eec261c2a6
Added proper support for anonymous sections, notably for the summary.
Ruslan Ermilov <ru@nginx.com>
parents:
102
diff
changeset
|
15 <section id="summary"> |
|
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
16 |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
17 <para> |
| 303 | 18 Модуль <literal>ngx_http_auth_basic_module</literal> позволяет |
| 313 | 19 ограничить доступ к ресурсам с проверкой имени и пароля пользователя |
| 20 по протоколу “HTTP Basic Authentication”. | |
|
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
21 </para> |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
22 |
|
494
244500f24783
- Cross linked ngx_http_access_module and ngx_http_auth_basic_module,
Ruslan Ermilov <ru@nginx.com>
parents:
351
diff
changeset
|
23 <para> |
|
244500f24783
- Cross linked ngx_http_access_module and ngx_http_auth_basic_module,
Ruslan Ermilov <ru@nginx.com>
parents:
351
diff
changeset
|
24 Ограничить доступ можно также по |
|
1763
a7974b8d2a23
Updated docs for the upcoming NGINX Plus release.
Ruslan Ermilov <ru@nginx.com>
parents:
1560
diff
changeset
|
25 <link doc="ngx_http_access_module.xml">адресу</link>, по |
|
a7974b8d2a23
Updated docs for the upcoming NGINX Plus release.
Ruslan Ermilov <ru@nginx.com>
parents:
1560
diff
changeset
|
26 <link doc="ngx_http_auth_request_module.xml">результату подзапроса</link> |
|
a7974b8d2a23
Updated docs for the upcoming NGINX Plus release.
Ruslan Ermilov <ru@nginx.com>
parents:
1560
diff
changeset
|
27 или по <link doc="ngx_http_auth_jwt_module.xml">JWT</link>. |
|
494
244500f24783
- Cross linked ngx_http_access_module and ngx_http_auth_basic_module,
Ruslan Ermilov <ru@nginx.com>
parents:
351
diff
changeset
|
28 Одновременное ограничение доступа по адресу и паролю управляется |
|
244500f24783
- Cross linked ngx_http_access_module and ngx_http_auth_basic_module,
Ruslan Ermilov <ru@nginx.com>
parents:
351
diff
changeset
|
29 директивой <link doc="ngx_http_core_module.xml" id="satisfy"/>. |
|
244500f24783
- Cross linked ngx_http_access_module and ngx_http_auth_basic_module,
Ruslan Ermilov <ru@nginx.com>
parents:
351
diff
changeset
|
30 </para> |
|
244500f24783
- Cross linked ngx_http_access_module and ngx_http_auth_basic_module,
Ruslan Ermilov <ru@nginx.com>
parents:
351
diff
changeset
|
31 |
|
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
32 </section> |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
33 |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
34 |
| 303 | 35 <section id="example" name="Пример конфигурации"> |
|
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
36 |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
37 <para> |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
38 <example> |
|
351
a4fa80755eab
Consistently strip initial offset in examples.
Ruslan Ermilov <ru@nginx.com>
parents:
313
diff
changeset
|
39 location / { |
|
a4fa80755eab
Consistently strip initial offset in examples.
Ruslan Ermilov <ru@nginx.com>
parents:
313
diff
changeset
|
40 auth_basic "closed site"; |
|
a4fa80755eab
Consistently strip initial offset in examples.
Ruslan Ermilov <ru@nginx.com>
parents:
313
diff
changeset
|
41 auth_basic_user_file conf/htpasswd; |
|
a4fa80755eab
Consistently strip initial offset in examples.
Ruslan Ermilov <ru@nginx.com>
parents:
313
diff
changeset
|
42 } |
|
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
43 </example> |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
44 </para> |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
45 |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
46 </section> |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
47 |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
48 |
| 303 | 49 <section id="directives" name="Директивы"> |
|
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
50 |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
51 <directive name="auth_basic"> |
| 271 | 52 <syntax><value>строка</value> | <literal>off</literal></syntax> |
|
102
c76a257f3fd4
The directive name is now automatically printed in <default> and <syntax>.
Ruslan Ermilov <ru@nginx.com>
parents:
99
diff
changeset
|
53 <default>off</default> |
| 303 | 54 <context>http</context> |
| 55 <context>server</context> | |
| 56 <context>location</context> | |
| 57 <context>limit_except</context> | |
|
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
58 |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
59 <para> |
| 313 | 60 Включает проверку имени и пароля пользователя по протоколу |
| 61 “HTTP Basic Authentication”. | |
| 303 | 62 Заданный параметр используется в качестве <value>realm</value>. |
|
840
9dab69f2b71d
Documented nginx 1.2.7 changes.
Ruslan Ermilov <ru@nginx.com>
parents:
836
diff
changeset
|
63 В значении параметра допустимо использование переменных (1.3.10, 1.2.7). |
|
2593
eeed494bba51
Unified phrases about configuration levels and inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
1923
diff
changeset
|
64 Специальное значение <literal>off</literal> отменяет действие |
|
784
7d15bd7fc58d
The "auth_basic" directive now supports variables.
Ruslan Ermilov <ru@nginx.com>
parents:
655
diff
changeset
|
65 унаследованной с предыдущего уровня конфигурации |
|
7d15bd7fc58d
The "auth_basic" directive now supports variables.
Ruslan Ermilov <ru@nginx.com>
parents:
655
diff
changeset
|
66 директивы <literal>auth_basic</literal>. |
|
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
67 </para> |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
68 |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
69 </directive> |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
70 |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
71 |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
72 <directive name="auth_basic_user_file"> |
|
102
c76a257f3fd4
The directive name is now automatically printed in <default> and <syntax>.
Ruslan Ermilov <ru@nginx.com>
parents:
99
diff
changeset
|
73 <syntax><value>файл</value></syntax> |
|
99
1d315ef37215
The case <default/> is now language-agnostic.
Ruslan Ermilov <ru@nginx.com>
parents:
76
diff
changeset
|
74 <default/> |
| 303 | 75 <context>http</context> |
| 76 <context>server</context> | |
| 77 <context>location</context> | |
| 78 <context>limit_except</context> | |
|
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
79 |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
80 <para> |
| 303 | 81 Задаёт файл, в котором хранятся имена и пароли пользователей. |
| 82 Формат файла следующий: | |
|
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
83 <example> |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
84 # комментарий |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
85 имя1:пароль1 |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
86 имя2:пароль2:комментарий |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
87 имя3:пароль3 |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
88 </example> |
|
1560
dad3af7a1019
Documented variables support in auth_basic_user_file.
Ruslan Ermilov <ru@nginx.com>
parents:
971
diff
changeset
|
89 В имени файла можно использовать переменные. |
|
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
90 </para> |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
91 |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
92 <para> |
|
655
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
93 Поддерживаются следующие типы паролей: |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
94 <list type="bullet"> |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
95 |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
96 <listitem> |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
97 зашифрованные функцией <c-func>crypt</c-func>; могут быть созданы |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
98 с помощью утилиты “<command>htpasswd</command>” из дистрибутива HTTP-сервера |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
99 Apache или команды “<command>openssl passwd</command>”; |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
100 </listitem> |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
101 |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
102 <listitem> |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
103 хэшированные с помощью алгоритма, основанного на MD5, по версии Apache (apr1); |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
104 могут быть созданы теми же инструментами; |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
105 </listitem> |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
106 |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
107 <listitem> |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
108 заданные согласно синтаксису |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
109 “<literal>{</literal><value>схема</value><literal>}</literal><value>данные</value>” |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
110 (1.0.3+) как описано в |
|
1923
66a30a380fba
Fixed links to tools.ietf.org.
Ruslan Ermilov <ru@nginx.com>
parents:
1763
diff
changeset
|
111 <link url="https://tools.ietf.org/html/rfc2307#section-5.3">RFC 2307</link>; |
|
655
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
112 в настоящий момент реализованы схемы <literal>PLAIN</literal> (в качестве |
|
836
f563967a4f59
Auth basic: ${SHA} password scheme.
Ruslan Ermilov <ru@nginx.com>
parents:
784
diff
changeset
|
113 примера, не следует применять), <literal>SHA</literal> (1.3.13) (простое SHA-1 |
|
f563967a4f59
Auth basic: ${SHA} password scheme.
Ruslan Ermilov <ru@nginx.com>
parents:
784
diff
changeset
|
114 хэширование, не следует применять) и <literal>SSHA</literal> (SHA-1 хэширование |
|
655
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
115 с солью, используется в некоторых программах, в частности OpenLDAP |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
116 и Dovecot). |
|
836
f563967a4f59
Auth basic: ${SHA} password scheme.
Ruslan Ermilov <ru@nginx.com>
parents:
784
diff
changeset
|
117 <note> |
|
f563967a4f59
Auth basic: ${SHA} password scheme.
Ruslan Ermilov <ru@nginx.com>
parents:
784
diff
changeset
|
118 Поддержка схемы <literal>SHA</literal> была добавлена лишь для облегчения |
|
f563967a4f59
Auth basic: ${SHA} password scheme.
Ruslan Ermilov <ru@nginx.com>
parents:
784
diff
changeset
|
119 процесса миграции файлов паролей с других веб-серверов. |
|
f563967a4f59
Auth basic: ${SHA} password scheme.
Ruslan Ermilov <ru@nginx.com>
parents:
784
diff
changeset
|
120 Её не следует применять для новых паролей, т.к. используемое при этом |
|
f563967a4f59
Auth basic: ${SHA} password scheme.
Ruslan Ermilov <ru@nginx.com>
parents:
784
diff
changeset
|
121 SHA-1 хэширование без соли уязвимо к взлому при помощи |
|
f563967a4f59
Auth basic: ${SHA} password scheme.
Ruslan Ermilov <ru@nginx.com>
parents:
784
diff
changeset
|
122 <link url="http://en.wikipedia.org/wiki/Rainbow_attack">радужных таблиц</link>. |
|
f563967a4f59
Auth basic: ${SHA} password scheme.
Ruslan Ermilov <ru@nginx.com>
parents:
784
diff
changeset
|
123 </note> |
|
655
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
124 </listitem> |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
125 |
|
93d2a54d247c
Added information about supported password types.
Vladimir Homutov <vl@nginx.com>
parents:
589
diff
changeset
|
126 </list> |
|
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
127 </para> |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
128 |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
129 </directive> |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
130 |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
131 </section> |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
132 |
|
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
133 </module> |