CU Home
Columbia University in the City of New York  

AcIS > Dev > UnixDev > Projects > mod_auth_pamacea > Documentation


mod_auth_pamacea

mod_auth_pamacea

Version 3.0

Contents

Downloading

The latest version of mod_auth_pamacea is available here.

Copyright and License

Copyright (c) 2003 - 2007, The Trustees of Columbia University in the City of New York.
Benjamin Oshrin, Columbia University Information Technology

This product includes software developed by the Apache Software Foundation (http://www.apache.org/).


This notice is part of the version 3.0 release of mod_auth_pamacea.

mod_auth_pamacea is free software; you can redistribute and/or modify version 3.0 (including any bug fix releases of this version, identified by a lowercase letter appended to the version number) under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

mod_auth_pamacea is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

A copy of the GNU General Public License is available here or here. Alternately, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA

Overview

mod_auth_pamacea is an Apache 2 module that performs PAM based authentication using a customizable login form. Specifically, Basic Auth is not used because there is no feasible logout mechanism from a Basic Auth session, short of closing the browser. Limited authorization support is also provided.

There is no Apache 1 version of this module.

mod_auth_pamacea was written to replace a much older, home grown Apache 1 module that nobody understood anymore. While mod_auth_pamacea is also homegrown, it attempts to use whatever standards it can to increase the likelihood that others will find it useful, or at least minimally to ensure that somebody will be able to understand it in the future.

Is It Really A Pamacea?

No. There are no known pamaceas.

Building

Building the module is relatively straightforward, but requires Apache 2 to already be installed. Untar the distribution, select a language and a session manager, and let Apache's apxs do all the work.

Selecting a Language

Under certain circumstances, the module will need to generate a message, usually an error message. By default, these messages will appear in English. To change the default, remove the texts.h symlink and create a new link pointing to the file containing the appropriate language.
 % rm texts.h
 % ln -s texts_LL_CC.h texts.h
 
Note: As of this version, no other languages are included with the distribution. To create a new language file, copy texts_en_US.h to an appropriately named file and change the string definitions.

Selecting a Session Manager

Because the module does not use Basic Auth, it must maintain session information. By default the file-based session manager is used. The file-based session manager is suitable for low volume servers where a client will always (or for the length of the session) talk to the same server. While it is possible to use the file-based session manager across multiple servers, this configuration is not recommended. See installing the session manager for more information.

To change the default, remove the session_manager.c symlink and create a new link pointing to the file containing the appropriate session manager.

 % rm session_manager.c
 % ln -s session_manager_XX.c session_manager.c
 
Note: As of this version, no other session managers are included with the distribution. To create a new session manager, copy session_manager_file.c to an appropriately named file and reimplement the functions defined in session_manager.h.

Compiling the Module

To compile the module, simply cd into the distribution directory and type make. apxs must be in your $PATH, or else the full path to it must be set in Makefile's APXS= line. (apxs can normally be found in the sbin or bin subdirectory of the Apache 2 installation.)

Note: There are several options that may be changed at compile time in mod_auth_pamacea.h, including the name of the .htaccess AuthType directive that invokes the module.

Note for HP-UX: If you see errors about pam_getenv, pam_putenv, and pam_getenvlist being unresolved symbols, you can try defining _WITHOUT_PAMENV in mod_auth_pamacea.h. This should allow the module to compile, however the PamaceaGroupSource PAMEnv, PamaceaPAMConfirmUserFile, and PamaceaSetEnv PAMEnv directives will be disabled.

Installing

Installation consists of installing the module, setting up the session manager, and adding the appropriate directives to httpd.conf.

Important: If you install this module, please subscribe to the pamacea-announce mailing list. Notification of security updates will be made to this list.

Installing the Module

To install the module, as root type make install. Alternately, copy .libs/mod_auth_pamacea.so to the modules subdirectory of the Apache 2 installation.

Installing the Session Manager

File-Based Session Manager

On the web server, create the directory /var/pamacea (or, if PAMACEA_STATEDIR was changed in session_manager_file.h, whatever it was changed to). Make the directory writable by the user that the Apache web server runs as and inaccessible by everybody else. For example,
 # mkdir /var/pamacea
 # chown www /var/pamacea
 # chmod 700 /var/pamacea
 
If there are multiple web servers in a pool, sharing this directory by NFS should work, but is not recommended.

Preparing the Required Web Pages

There are four special pages that mod_auth_pamacea knows about. These pages should be prepared and installed before the module is installed. Samples of each page are provided in the samples directory of the distribution.

Note: These pages should be placed in a directory that is not protected by mod_auth_pamacea (ie: that has no .htaccess file). Additionally, any files or images these pages reference should also not be protected by the module.

  1. Login Page: This page is delivered whenever the module requires authentication. This page must contain a <FORM> block with the following elements:
    1. A form ACTION of "@ACTIONURI@", which will be replaced by the module when the page is delivered.
    2. A hidden input named "target" with a value of "@TARGETURI@". The value will be replaced by the module when the page is delivered.
    3. A hidden input named "pamservice" with a value of "@PAMSERVICE@". The value will be replaced by the module when the page is delivered.
    4. A hidden input named "userfile" with a value of "@USERFILE@". The value will be replaced by the module when the page is delivered.
    5. A text input named "username". The contents of this field will be passed to the PAM during authentication.
    6. A password input named "password". The contents of this field will be passed to the PAM during authentication.
    7. An optional string @ERRORTEXT@, which may appear anywhere. If a login error was previously detected, this string will be replaced by the error message. Otherwise the string will be removed.

  2. Logout Page: This page, when retrieved, causes the module to expire the client's current session.

    The same META tags used to prevent caching the login page should also be used here.

  3. Error Page: This page is delivered by the module whenever there is a module error other than an authentication failure. (For authentication failures, the login page is redelivered.)

    The module will replace the string @ERRORTEXT@ in the page with the error message.

  4. No Cookie Page: This page is delivered by the module whenever it detects the client does not have cookies enabled.

In addition, you may wish to add the following tags to the HEAD section of each of the above documents in order to prevent browsers from caching the page:
<META HTTP-EQUIV="Expires" CONTENT="-1">
<META HTTP-EQUIV="Pragma" CONTENT="no_cache">
<META HTTP-EQUIV="Cache-Control" CONTENT="no cache">
See also PamaceaNoCache for information on browsers caching content documents.

Editing pam.conf

The module can use any service name for performing PAM authentication. Either define a new service in /etc/pam.conf (or /etc/pam.d/, as appropriate) or select an existing service to be used. The module can use more than one service name, on a per-directory basis.

Note: Because mod_auth_pamacea collects the username and password from a web page, the PAM must be configured to not prompt for them. Normally, this is done by setting the use_first_pass flag for the PAM module used by the selected service name. However, due to the implementation of Linux PAMs, this flag should not be used under Linux (or Darwin). (mod_auth_pamacea implements a workaround instead.)

See PamaceaPermittedPAMService and PamaceaPAMService for information on configuring the module for the selected PAM service(s).

For installations with pam_htpasswd or something similar, see PamaceaUserFile, PamaceaPAMUserFileService, and PamaceaPAMConfirmUserFile.

For installations where more than one PAM service may be used, see PamaceaSingleSignOnMode.

For installations using pam_unix (ie: /etc/shadow), the web server will need to run as a user or group with sufficient privileges to perform authentication.

Editing httpd.conf

Minimally, the following directives should be added to httpd.conf: For example:
 LoadModule auth_pamacea_module modules/mod_auth_pamacea.so
 PamaceaLoginPage /pamacea/login.html
 PamaceaLogoutPage /pamacea/logout.html
 PamaceaErrorPage /pamacea/error.html
 PamaceaNoCookieURI /pamacea/nocookie.html
 PamaceaPermittedPAMService secureweb
 PamaceaPAMService secureweb
 
After restarting Apache, look in Apache's error log for any information regarding configuration errors.

For installations where one server is used to serve both HTTP and HTTPS, see PamaceaNoSSL, which may need to be set to Decline.

Editing .htaccess

Minimally, the following directives need to be added to any .htaccess file using mod_auth_pamacea: For example:
 AuthType Pamacea
 AuthName "test"
 Require valid-user
 
Remember that AllowOverride AuthConfig must be specified in an appropriate Directory segment of httpd.conf, or Apache will ignore the .htaccess file.

Configuration File Directives

Unless otherwise noted, these directives may only be placed in the server's httpd.conf file.

PamaceaAuthLogLevel

Usage: PamaceaAuthLogLevel [level]
Example: PamaceaAuthLogLevel notice

Log authentication logic (including user logins, etc) to the specified log level, which may be any of the levels supported by the Apache LogLevel directive. Setting this to the same or higher value as the LogLevel directive will allow authentication information to be logged without having to enable debugging output. (Logging will go to the error_log.)

PamaceaErrorPage

Usage: PamaceaErrorPage [relative path to file]
Example: PamaceaErrorPage /pamacea/error.html

When the module encounters a non-authentication related error, it will deliver or redirect the browser to this page. See Preparing the Required Web Pages for more information.

PamaceaGroupSource

Usage: PamaceaGroupSource [source] [argument]
Example: PamaceaGroupSource PAMEnv AUTHZ_GROUPS

The module can implement authorization via require group directives in .htaccess. In order to do so, a group source must be specified. The following group sources are supported:

  • PAMEnv: Obtain the group memberships as a space separated list of strings provided in an environment variable set via pam_putenv(). The argument to PamaceaGroupSource PAMEnv determines which variable to read. An example string might look like
         Group1 Group2 Group3
         

PamaceaIdleTime

Usage: PamaceaIdleTime [number]
Default: 0

The length of inactivity, in seconds, after which a login session is expired. The time cannot logically exceed the time specified by PamaceaSessionLength. A length of 0 disables idle timeouts.

PamaceaInternalRedirect

Usage: PamaceaInternalRedirect [On|Off]
Default: Off

The module can handle redirects, which are used to generate and process login requests, among other tasks, either internally or externally. The default is externally.

External Redirects

  • The browser's Location bar always shows the page being delivered.
  • There is less opportunity for the login page to be spoofed.

Internal Redirects

  • More efficient, requiring three transactions instead of four.
  • Can theoretically work with an initial, unauthenticated POST request (although this is not implemented).
  • The browser's Location bar never changes (under normal circumstances). That is, when the login page is delivered, the Location bar still shows the document originally requested.
  • Are not as thoroughly tested.
See the NOTES file in the distribution for a more detailed explanation of the mechanics behind this option.

PamaceaLoginPage

Usage: PamaceaLoginPage [relative path to file]
Example: /pamacea/login.html

When the module requires authentication, it will deliver or redirect the browser to this page. See Preparing the Required Web Pages for more information.

PamaceaLogoutPage

Usage: PamaceaLogoutPage [relative path to file]
Example: /pamacea/logout.html

When this page is retrieved, the client's current session is expired. See Preparing the Required Web Pages for more information.

PamaceaNoCache

Usage: PamaceaNoCache [On|Off]
Default: On

When delivering content, send headers indicating that the content should not be cached. This will prevent pages from being visible via the browser's back button after logout, for most browsers.

PamaceaNoCacheMSIE

This directive may also be placed in .htaccess.

Usage: PamaceaNoCacheMSIE [On|Off]
Default: On

When delivering content to Microsoft browsers, send headers indicating that the content should not be cached. This will prevent pages from being visible via the browser's back button after logout. However, it will also break file downloads. (This is a "feature", not a bug.)

PamaceaNoCache must be on in order for PamaceaNoCacheMSIE to be enabled.

PamaceaNoCookieURI

Usage: PamaceaNoCookieURI [relative path to file]
Example: /pamacea/nocookie.html

When the module detects that the client does not have cookies enabled, this page will be delivered or redirected to instead of whatever was originally requested. See Preparing the Required Web Pages for more information.

PamaceaNoIPCheck

Usage: PamaceaNoIpCheck [On|Off]
Default: Off

When validating a session presented to the module, the IP address of the requesting client is matched against the IP address of the originally authenticated client. If this directive is enabled, the IP validation is skipped.

PamaceaNoSSL

Usage: PamaceaNoSSL [Decline|Forbid|OK]
Default: Forbid

When a non-SSL connection is established, this directive controls how the module behaves.

  • Decline: The transaction is declined, allowing another module to handle it.
  • Forbid: The transaction is forbidden, page retrieval is denied.
  • OK: The transaction is allowed to proceed.

PamaceaPAMConfirmUserFile

Usage: PamaceaPAMConfirmUserFile [varname]
Example: PamaceaPAMConfirmUserFile HTPASSWD_REALM

When PamaceaUserFile is in use, confirm which userfile was used by retrieving the specified environment variable from the PAM handle.

This option is recommended when multiple PAMs are stacked for the same service, including at least one which uses userfiles and one which does not, and PamaceaSingleSignOnMode is set to UserFile for that service.

PamaceaPAMService

This directive may also be placed in .htaccess.

Usage: PamaceaPAMService [pamservice]
Example: PamaceaPAMService secureweb

The argument provided to this directive is used as the service argument to pam_start(), and corresponds to the service name field in pam.conf.

The argument provided to this directive in httpd.conf selects the default service name used. When placed in .htaccess, the per-directory value overrides the default name.

Note: In order for a service name to be valid, it must be allowed by a PamaceaPermittedPAMService directive. This applies for the default value set in httpd.conf as well as any used in any .htaccess.

Note: The name of this directive may be changed in mod_auth_pamacea.h.

PamaceaPAMUserFileService

Usage: PamaceaPAMUserFileService [pamservice] [...]
Example: PamaceaPAMService htpasswd

When authentication is requested using a PAM service defined in this directive (which must also be separately defined by PamaceaPermittedPAMService), the PamaceaUserFile option is enabled.

PamaceaPermittedPAMService

Usage: PamaceaPermittedPAMService [pamservice] [...]
Example: PamaceaPAMService secureweb skey

The arguments provided to this directive are then permitted to be used as arguments for the PamaceaPAMService directive.

PamaceaPruneFrequency

Usage: PamaceaPruneFrequency [number]
Default: 1

Whenever a new session is inserted into the session manager, the module can call the session manager's cleanup function to remove any stale sessions. This directive controls how frequently the cleanup function is called.

The frequency is 1/n, where n is the argument provided. For example, setting the value to 5 will call the cleanup function approximately once for every five new sessions. (The actual implementation is via random number generation.) The value should not be set higher than 127. If set to 0, no cleanup will happen.

PamaceaSessionLength

Usage: PamaceaSessionLength [number]
Default: 600

The length, in seconds, of a login session. This is an absolute timeout, not an idle timeout (which can be specified by PamaceaIdleTime), so reauthentication will always be required when this period has expired. A length of 0 indicates that sessions will not timeout.

PamaceaSetEnv

This directive may also be placed in .htaccess.

Usage: PamaceaSetEnv [source] [varname]
Example: PamaceaSetEnv PamaceaPAMService PAM_SERVICE
Example: PamaceaSetEnv PamaceaWhatTheUserTyped REMOTE_USER_WTUT
Example: PamaceaSetEnv PAMEnv PASSWORD_EXPIRED

The module can set environment variables for use by dynamic content producers (eg: CGI based applications). The following sources are supported:

  • PamaceaPAMService: The PAM service name used to perform the authentication (as selected by a PamaceaPAMService directive) is stored in the variable name provided.
  • PamaceaWhatTheUserTyped: If PamaceaWhatTheUserTyped is enabled, the name the user typed. REMOTE_USER will then hold the name returned by the PAM stack. If set to REMOTE_USER, the name returned by the PAM stack will not be available.
  • PAMEnv: Obtain the PAM environment variable set via pam_putenv() with the name provided. The special variable name All indicates that all variables set by the PAM should be extracted and passed through.

Only PamaceaWhatTheUserTyped is available in .htaccess directives.

PamaceaSingleSignOnMode

Usage: PamaceaSingleSignOnMode [service] [mode]
Example: PamaceaSingleSignOnMode htpasswd UserFile

This directive controls when single sign on is in effect. There are three possible modes, each defined PAM service can operate in a different mode.

  • PAMService: Whenever a new PamaceaPAMService directive is encountered, expire the current session and require new authentication. This option is the default when PamaceaPAMUserFileService is not enabled for the service.
  • UserFile: Whenever a new PamaceaUserFile directive is encountered, expire the current session and require new authentication. This option is the default when PamaceaPAMUserFileService is enabled for the service. See also PamaceaPAMConfirmUserFile. This option also implies PAMService. When multiple PAMs are stacked for the same service, if a PAM that does not use a UserFile authenticates the user, then the behavior will be as for the UserName mode.
  • UserName: Whenever authorization according to the current Require directive fails, expire the current session and require new authentication. This is the most permissive mode and should only be used when all PAMs in use have the exact same namespace.

See the NOTES file in the distribution for a more detailed explanation of Single Sign On vs namespaces and modes vs realms.

PamaceaSingleSignOnRealm

Usage: PamaceaSingleSignOnRealm [uriprefix] [realm]
Example: PamaceaSingleSignOnRealm /~ Personal

This directive defines single sign on realms. A realm is a collection of documents with a common URI prefix. Whenever a new realm is encountered, the current session will be expired and new authentication required (regardless of PamaceaSingleSignOnMode).

See the NOTES file in the distribution for a more detailed explanation of Single Sign On modes vs realms.

PamaceaUserFile

This directive may also be placed in .htaccess.

Usage: PamaceaUserFile [filename]
Example: PamaceaUserFile /etc/httpd/conf/htpasswd
Example: PamaceaUserFile /home/jsmith/htpasswd

The argument provided to this directive is passed to the PAM infrastructure during authentication to allow verification of identities in the usual htpasswd format. This assumes a PAM module capable of understanding this format. The included pam_htpasswd is capable of this. The userfile name is passed to the PAM via the PAM environment variable USERFILE.

Note: In order for user files to be enabled, the PAM Service in use must be defined in a PamaceaPAMUserFileService directive.

Note: The name of this directive may be changed in mod_auth_pamacea.h.

PamaceaWhatTheUserTyped

Usage: PamaceaWhatTheUserTyped [On|Off]
Default: Off

If enabled, mod_auth_pamacea will set $REMOTE_USER to be whatever the user typed into the login form, regardless of whether or not the PAM stack modifies the username as part of the authentication process.

See also PamaceaSetEnv.

.htaccess Directives

This section only describes directives that are specifically implemented by mod_auth_pamacea. Other directives that may be relevant (such as allow from or satisfy any) are not documented here.

AuthName

Usage: AuthName [realm]
Example: AuthName internalnews

Set the authentication realm. This tag is currently not used.

AuthType

Usage: AuthType Pamacea

This directive invokes mod_auth_pamacea.

Note: The argument passed to AuthType may be changed in mod_auth_pamacea.h.

PamaceaLogout

Usage: PamaceaLogout

When a directory containing this directive is encountered, the client's current session is expired. No other protection is performed, so the contents of the directory will be publically accessible.

Note: The name of this directive may be changed in mod_auth_pamacea.h.

PamaceaNoCacheMSIE

Usage: PamaceaNoCacheMSIE [On|Off]
Default: Global configuration file value

See the documentation for the configuration file directive.

PamaceaPAMService

See the documentation for the configuration file directive.

PamaceaSetEnv

See the documentation for the configuration file directive.

PamaceaUserFile

See the documentation for the configuration file directive.

Require

Usage: Require [method] [validname [...]]
Example: Require valid-user
Example: Require user jsmith
Example: Require group group1

Restrict who has access to the contents of the directory. The following authorizations are supported:

  • valid-user: Any authenticated user.
  • user: Any specified authenticated user.
  • group: Any authenticated user that is a member of any specified group. See PamaceaGroupSource.

pam_htpasswd

pam_htpasswd is a PAM module that understands Apache's user password file format. Although it is included with mod_auth_pamacea, it is not enabled by default.

To build the PAM module, simply

 % cd mod_auth_pamacea/pam_htpasswd
 % make
 # make install
 
This will also build a test program pam that can be used to verify if the module is correctly installed.

To configure the PAM, edit /etc/pam.conf or add an entry to /etc/pam.d/, according to your local system. A sample pam.conf entry will look like

 htpasswd auth required /lib/security/pam_htpasswd.so.1 use_first_pass
 
The utility pam in the pam_htpasswd directory can be used to test the PAM configuration. Provide it with the PAM service name, the full path to the desired userfile, a username, and a password.
 % ./pam htpasswd /home/jsmith/htpasswd jsmith goodpw
 Go (userfile = /home/jsmith/htpasswd)
 % ./pam htpasswd /home/jsmith/htpasswd jsmith badpw
 No go [9]
 
(The number in brackets indicates the PAM error code returned, as defined in pam_appl.h.)

After successful authentication, pam_htpasswd will store the userfile used for authentication in the PAM environment variable HTPASSWD_REALM.

The following mod_auth_pamacea directives should be used in httpd.conf when pam_htpasswd is used:

For example:
 PamaceaPAMUserFileService htpasswd
 PamaceaPAMConfirmUserFile HTPASSWD_REALM
 
Additionally, the PamaceaUserFile directive must be specified in relevant .htaccess files.

Change Log

v3.0 (23 January 2007)

Important: The format of the state information maintained by the file-based session manager has changed. It is recommended that any existing state files be cleared when upgrading to v3.0.

  • Add PamaceaWhatTheUserTyped. (Bugs #831, #915)
  • Add PamaceaNoCache (Bug #402) and PamaceaNoCacheMSIE. (Bug #890)
  • Escape " to prevent nuisance XSS style attacks. (Bug #398)
  • Work around 1024 character limit in Solaris pam_getenvlist(). (Bug #1298)
  • Fix incorrect handling of per-directory configuration directives bug. (Bug #892)
  • Add support for Apache 2.2. (Bug #667)
  • Add PamaceaNoIPCheck. (Bug #405)
  • Establish mailing lists. (Bug #943)
v2.3 (2 August 2005)

  • Fix bug where Linux PAM may require operational flag to pam_setcred().
  • Fix potential cross site scripting vulnerability.
  • Fix bug causing segmentation faults when operating in mixed Pamacea/Non-Pamacea environment.
  • When PamaceaSingleSignOnMode is UserFile, assume a blank UserFile indicates multiple PAMs are stacked and a non-UserFile PAM authenticated the user.
  • PamaceaSingleSignOnMode UserFile now implies PAMService.
  • Only allow session cookie with session ID of correct length.
v2.2 (25 October 2004)

  • Replace PamaceaNoSSLOK with PamaceaNoSSL.
  • Fix incorrect handling of passwords with spaces.
  • Fix incorrect log level in PamaceaAuthLogLevel.

v2.1 (9 September 2004)

Important: The format of the state information maintained by the file-based session manager has changed. It is recommended that any existing state files be cleared when upgrading from v2.0 to v2.1.

  • Add PamaceaSingleSignOnRealm.
  • Call pam_acct_mgmt during PAM process.
  • Clean up bucket brigade handling.
  • Add workaround for HP-UX build errors (_WITHOUT_PAMENV).
  • Fix .htaccess AllowOverride specification.
  • Fix bug preventing interoperation with mod_access.
  • Add PamaceaAuthLogLevel.
v2.0 (20 January 2004)

Important: The format of the state information maintained by the file-based session manager has changed. It is recommended that any existing state files be cleared when upgrading from v1.0 to v2.0.

  • Add PamaceaSingleSignOnMode to control single sign on behavior.
  • Add pam_htpasswd, and PamaceaUserFile, PamaceaPAMUserFileService, and PamaceaPAMConfirmUserFile to support it.
  • Add PamaceaIdleTime.
  • Work around problematic Linux-PAM implementation.
v1.0 (2 December 2003)
  • Initial release.

Common Errors

If every request returns "Permission denied", you are probably accessing via http and not https, and have not set "PamaceaNoSSL OK" in httpd.conf. Verify this by retrieving the login page directly (assuming it has @ERRORTEXT@ in it somewhere).

Bug Reports

Bug reports, including errors in documentation, are appreciated. While we will attempt to take action, due to limited staff resources no assurance of acknowledgement or investigation can be made. Please submit reports anyway.

Prior to submitting a report, please check to see if your bug has already been reported. See the lists of open or all bugs, or perform an advanced search.

Enter bug reports via the mod_auth_pamacea Bugzilla.

Please include the following information in any bug report:

  1. The mod_auth_pamacea version number, as determined from the top of this page or from the PKGVERSION line of the Makefile.

  2. Operating system, including version number and patch level.

  3. Hardware (vendor, cpu type and number, physical memory).

  4. The output of httpd -V.

  5. The relevant entries from your httpd.conf.

  6. Steps for reproducing the problem.

  7. Any error messages encountered, or any unexpected output produced.

  8. Your contact information.

  9. Patches, if possible. Even hacks that cannot be permanently incorporated would be appreciated. Patches, if incorporated, must be made available under the same license as the module.

A copy of your bug report will be posted to the mod_auth_pamacea general mailing list.
$Date: 2007/01/23 03:10:55 $
$Revision: 1.13 $



mod_auth_pamacea Links


AcIS Development Projects



http://www.columbia.edu/acis/dev/projects/mod_auth_pamacea/doc.shtml Friday, 10-Sep-2004 13:39:01 EDT