The Apache HTTP Daemon can be configured to require users to supply logins and passwords before accessing pages in some directories. Authentication is the process of checking if the password given is correct for a user. Apache has standard modules for authenticating out of several different kinds of databases. The external authentication module provides a flexible tool for creating authentication systems based on other databases. The module can be used in either of two somewhat divergent ways: 1) External Authentication: When a user supplies a login and password, mod_auth*_external runs a program you write, passing it the login and password. Your program does whatever checking and logging it needs to, and then returns a Accept/Reject flag to Apache. 2) Hardcoded Authentication: Some hooks have been inserted into mod_auth*_external to make it easy to replace the call to the external authentication program with a call to a hardcoded internal authentication routine that you write.
Binary packages can be installed with the high-level tool pkgin (which can be installed with pkg_add) or pkg_add(1) (installed by default). The NetBSD packages collection is also designed to permit easy installation from source.
The pkg_admin audit command locates any installed package which has been mentioned in security advisories as having vulnerabilities.
Please note the vulnerabilities database might not be fully accurate, and not every bug is exploitable with every configuration.
Problem reports, updates or suggestions for this package should be reported with send-pr.