Recipe 6.8 Making Password Files for Digest Authentication
ProblemYou need to create a password file to be used for Digest authentication. SolutionUse the following command forms to set up a credential file for a realm to be protected by Digest authentication: % htdigest -c "By invitation only" rbowen % htdigest "By invitation only" krietz DiscussionDigest authorization, implemented by mod_auth_digest, uses an MD5 hash of the username, password, and authentication realm to check the credentials of the client. The htdigest utility, which comes with Apache, creates these files for you. The syntax for the command is very similar to the syntax for the htpasswd utility, except that you must also specify the authentication realm that the password will be used for. The resulting file contains one line per user, looking something like the following: rbowen:By invitation only:23bc21f78273f49650d4b8c2e26141a6 Note that, unlike entries in the password files created by htpasswd, which can be used anywhere, these passwords can be used only in the specified authentication realm, because the encrypted hash includes the realm. As with htpasswd, the -c flag creates a new file, possibly overwriting an existing file. You will be prompted for the password and then asked to type it again to verify it. htdigest does not have any of the additional options that htpasswd does. See Also
|
EAN: 2147483647
Pages: 215