📄 mod_auth_digest.html.en
字号:
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
This file is generated from xml source: DO NOT EDIT
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-->
<title>mod_auth_digest - Apache HTTP Server</title>
<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" />
<link href="../images/favicon.ico" rel="shortcut icon" /></head>
<body>
<div id="page-header">
<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p>
<p class="apache">Apache HTTP Server Version 2.2</p>
<img alt="" src="../images/feather.gif" /></div>
<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div>
<div id="path">
<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.2</a> > <a href="./">Modules</a></div>
<div id="page-content">
<div id="preamble"><h1>Apache Module mod_auth_digest</h1>
<div class="toplang">
<p><span>Available Languages: </span><a href="../en/mod/mod_auth_digest.html" title="English"> en </a> |
<a href="../ko/mod/mod_auth_digest.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>User authentication using MD5
Digest Authentication.</td></tr>
<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="module-dict.html#ModuleIdentifier">Module營dentifier:</a></th><td>auth_digest_module</td></tr>
<tr><th><a href="module-dict.html#SourceFile">Source燜ile:</a></th><td>mod_auth_digest.c</td></tr></table>
<h3>Summary</h3>
<p>This module implements HTTP Digest Authentication. However, it
has not been extensively tested and is therefore marked
experimental.</p>
</div>
<div id="quickview"><h3 class="directives">Directives</h3>
<ul id="toc">
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestalgorithm">AuthDigestAlgorithm</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestdomain">AuthDigestDomain</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestnccheck">AuthDigestNcCheck</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestnonceformat">AuthDigestNonceFormat</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestnoncelifetime">AuthDigestNonceLifetime</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestprovider">AuthDigestProvider</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestqop">AuthDigestQop</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestshmemsize">AuthDigestShmemSize</a></li>
</ul>
<h3>Topics</h3>
<ul id="topics">
<li><img alt="" src="../images/down.gif" /> <a href="#using">Using Digest Authentication</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#msie">Working with MS Internet Explorer</a></li>
</ul><h3>See also</h3>
<ul class="seealso">
<li><code class="directive"><a href="../mod/core.html#authname">AuthName</a></code></li>
<li><code class="directive"><a href="../mod/core.html#authtype">AuthType</a></code></li>
<li><code class="directive"><a href="../mod/core.html#require">Require</a></code></li>
<li><code class="directive"><a href="../mod/core.html#satisfy">Satisfy</a></code></li>
<li><a href="../howto/auth.html">Authentication howto</a></li>
</ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="using" id="using">Using Digest Authentication</a></h2>
<p>Using MD5 Digest authentication is very simple. Simply set
up authentication normally, using <code>AuthType Digest</code> and
<code class="directive"><a href="#authdigestprovider">AuthDigestProvider</a></code>
instead of the normal <code>AuthType Basic</code> and
<code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>.
Then add a <code class="directive"><a href="#authdigestdomain">AuthDigestDomain</a></code> directive containing at least the root
URI(s) for this protection space.</p>
<p>Appropriate user (text) files can be created using the
<code class="program"><a href="../programs/htdigest.html">htdigest</a></code> tool.</p>
<div class="example"><h3>Example:</h3><p><code>
<Location /private/><br />
<span class="indent">
AuthType Digest<br />
AuthName "private area"<br />
AuthDigestDomain /private/ http://mirror.my.dom/private2/<br />
<br />
AuthDigestProvider file<br />
AuthUserFile /web/auth/.digest_pw<br />
Require valid-user<br />
</span>
</Location>
</code></p></div>
<div class="note"><h3>Note</h3>
<p>Digest authentication is more secure than Basic authentication,
but only works with supporting browsers. As of September 2004, major
browsers that support digest authentication include <a href="http://www.w3.org/Amaya/">Amaya</a>, <a href="http://konqueror.kde.org/">Konqueror</a>, <a href="http://www.microsoft.com/windows/ie/">MS Internet Explorer</a>
for Mac OS X and Windows (although the Windows version fails when
used with a query string -- see "<a href="#msie">Working with MS
Internet Explorer</a>" below for a workaround), <a href="http://www.mozilla.org">Mozilla</a>, <a href="http://channels.netscape.com/ns/browsers/download.jsp">
Netscape</a> 7, <a href="http://www.opera.com/">Opera</a>, and <a href="http://www.apple.com/safari/">Safari</a>. <a href="http://lynx.isc.org/">lynx</a> does <strong>not</strong>
support digest authentication. Since digest authentication is not as
widely implemented as basic authentication, you should use it only
in environments where all users will have supporting browsers.</p>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="msie" id="msie">Working with MS Internet Explorer</a></h2>
<p>The Digest authentication implementation in current Internet
Explorer for Windows implementations has known issues, namely that
<code>GET</code> requests with a query string are not RFC compliant.
There are a few ways to work around this issue.</p>
<p>
The first way is to use <code>POST</code> requests instead of
<code>GET</code> requests to pass data to your program. This method
is the simplest approach if your application can work with this
limitation.
</p>
<p>Since version 2.0.51 Apache also provides a workaround in the
<code>AuthDigestEnableQueryStringHack</code> environment variable.
If <code>AuthDigestEnableQueryStringHack</code> is set for the
request, Apache will take steps to work around the MSIE bug and
remove the request URI from the digest comparison. Using this
method would look similar to the following.</p>
<div class="example"><h3>Using Digest Authentication with MSIE:</h3><p><code>
BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
</code></p></div>
<p>See the <code class="directive"><a href="../mod/mod_setenvif.html#browsermatch">BrowserMatch</a></code>
directive for more details on conditionally setting environment
variables</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="AuthDigestAlgorithm" id="AuthDigestAlgorithm">AuthDigestAlgorithm</a> <a name="authdigestalgorithm" id="authdigestalgorithm">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Selects the algorithm used to calculate the challenge and
response hashes in digest authentication</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDigestAlgorithm MD5|MD5-sess</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthDigestAlgorithm MD5</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_digest</td></tr>
</table>
<p>The <code class="directive">AuthDigestAlgorithm</code> directive
selects the algorithm used to calculate the challenge and response
hashes.</p>
<div class="note">
<code>MD5-sess</code> is not correctly implemented yet.
</div>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="AuthDigestDomain" id="AuthDigestDomain">AuthDigestDomain</a> <a name="authdigestdomain" id="authdigestdomain">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>URIs that are in the same protection space for digest
authentication</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDigestDomain <var>URI</var> [<var>URI</var>] ...</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_digest</td></tr>
</table>
<p>The <code class="directive">AuthDigestDomain</code> directive allows
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -