Mercurial > hg > nginx-site
comparison xml/en/docs/mail/ngx_mail_auth_http_module.xml @ 1256:ebfcd76e23b6
Mail auth: corrected articles, rephrased some parts.
author | Yaroslav Zhuravlev <yar@nginx.com> |
---|---|
date | Thu, 17 Jul 2014 15:21:10 +0400 |
parents | e48d4309e7f2 |
children | 06322891b4e3 |
comparison
equal
deleted
inserted
replaced
1255:e48d4309e7f2 | 1256:ebfcd76e23b6 |
---|---|
8 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> | 8 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> |
9 | 9 |
10 <module name="Module ngx_mail_auth_http_module" | 10 <module name="Module ngx_mail_auth_http_module" |
11 link="/en/docs/mail/ngx_mail_auth_http_module.html" | 11 link="/en/docs/mail/ngx_mail_auth_http_module.html" |
12 lang="en" | 12 lang="en" |
13 rev="4"> | 13 rev="5"> |
14 | 14 |
15 <section id="directives" name="Directives"> | 15 <section id="directives" name="Directives"> |
16 | 16 |
17 <directive name="auth_http"> | 17 <directive name="auth_http"> |
18 <syntax><value>URL</value></syntax> | 18 <syntax><value>URL</value></syntax> |
33 <default/> | 33 <default/> |
34 <context>mail</context> | 34 <context>mail</context> |
35 <context>server</context> | 35 <context>server</context> |
36 | 36 |
37 <para> | 37 <para> |
38 Appends the specified header to requests to the authentication server. | 38 Appends the specified header to requests sent to the authentication server. |
39 This header can be used as the shared secret to verify | 39 This header can be used as the shared secret to verify |
40 that the request comes from nginx. | 40 that the request comes from nginx. |
41 For example: | 41 For example: |
42 <example> | 42 <example> |
43 auth_http_header X-Auth-Key "secret_string"; | 43 auth_http_header X-Auth-Key "secret_string"; |
63 | 63 |
64 | 64 |
65 <section id="protocol" name="Protocol"> | 65 <section id="protocol" name="Protocol"> |
66 | 66 |
67 <para> | 67 <para> |
68 The HTTP is used to communicate with the authentication server. | 68 The HTTP protocol is used to communicate with the authentication server. |
69 The data in the response body is ignored, and the information is passed only in | 69 The data in the response body is ignored, the information is passed only in |
70 the headers. | 70 the headers. |
71 </para> | 71 </para> |
72 | 72 |
73 <para> | 73 <para> |
74 Examples of requests and responses: | 74 Examples of requests and responses: |
113 (the attempt number is passed in the <header>Auth-Login-Attempt</header> | 113 (the attempt number is passed in the <header>Auth-Login-Attempt</header> |
114 header). | 114 header). |
115 </para> | 115 </para> |
116 | 116 |
117 <para> | 117 <para> |
118 When the APOP or CRAM-MD5 are used, a request-response will look as follows. | 118 When the APOP or CRAM-MD5 are used, request-response will look as follows: |
119 <example> | 119 <example> |
120 GET /auth HTTP/1.0 | 120 GET /auth HTTP/1.0 |
121 Host: localhost | 121 Host: localhost |
122 Auth-Method: apop | 122 Auth-Method: apop |
123 Auth-User: user | 123 Auth-User: user |
137 Auth-Pass: plain-text-pass | 137 Auth-Pass: plain-text-pass |
138 </example> | 138 </example> |
139 </para> | 139 </para> |
140 | 140 |
141 <para> | 141 <para> |
142 If the <header>Auth-User</header> header exists in a response, | 142 If the <header>Auth-User</header> header exists in the response, |
143 it overrides the username used to authenticate with the backend. | 143 it overrides the username used to authenticate with the backend. |
144 </para> | 144 </para> |
145 | 145 |
146 <para> | 146 <para> |
147 For the SMTP, the response additionally takes into account | 147 For the SMTP, the response additionally takes into account |
148 the <header>Auth-Error-Code</header> header — if exists, it is used | 148 the <header>Auth-Error-Code</header> header — if exists, it is used |
149 as a response code in case of an error. | 149 as a response code in case of an error. |
150 Otherwise, the 535 5.7.0 code will be added to | 150 Otherwise, the 535 5.7.0 code will be added to |
151 the <header>Auth-Status</header>. | 151 the <header>Auth-Status</header> header. |
152 </para> | 152 </para> |
153 | 153 |
154 <para> | 154 <para> |
155 For example, if the following response is received | 155 For example, if the following response is received |
156 from the authentication server: | 156 from the authentication server: |
166 </example> | 166 </example> |
167 </para> | 167 </para> |
168 | 168 |
169 <para> | 169 <para> |
170 If proxying SMTP does not require authentication, | 170 If proxying SMTP does not require authentication, |
171 a request will look as follows. | 171 the request will look as follows: |
172 <example> | 172 <example> |
173 GET /auth HTTP/1.0 | 173 GET /auth HTTP/1.0 |
174 Host: localhost | 174 Host: localhost |
175 Auth-Method: none | 175 Auth-Method: none |
176 Auth-User: | 176 Auth-User: |