mod_auth_digest.html.en

Apache官方在今天放出产品系列2.2的最新版本2.2.11的源码包 最流行的HTTP服务器软件之一

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
              This file is generated from xml source: DO NOT EDIT
        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
      -->
<title>mod_auth_digest - Apache HTTP Server</title>
<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" />
<link href="../images/favicon.ico" rel="shortcut icon" /></head>
<body>
<div id="page-header">
<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p>
<p class="apache">Apache HTTP Server Version 2.2</p>
<img alt="" src="../images/feather.gif" /></div>
<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="../images/left.gif" /></a></div>
<div id="path">
<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs/">Documentation</a> &gt; <a href="../">Version 2.2</a> &gt; <a href="./">Modules</a></div>
<div id="page-content">
<div id="preamble"><h1>Apache Module mod_auth_digest</h1>
<div class="toplang">
<p><span>Available Languages: </span><a href="../en/mod/mod_auth_digest.html" title="English">&nbsp;en&nbsp;</a> |
<a href="../ko/mod/mod_auth_digest.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a></p>
</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>User authentication using MD5
    Digest Authentication.</td></tr>
<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="module-dict.html#ModuleIdentifier">Module營dentifier:</a></th><td>auth_digest_module</td></tr>
<tr><th><a href="module-dict.html#SourceFile">Source燜ile:</a></th><td>mod_auth_digest.c</td></tr></table>
<h3>Summary</h3>

    <p>This module implements HTTP Digest Authentication
    (<a href="http://www.faqs.org/rfcs/rfc2617.html">RFC2617</a>), and
    provides a more secure alternative to <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>.</p>
</div>
<div id="quickview"><h3 class="directives">Directives</h3>
<ul id="toc">
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestalgorithm">AuthDigestAlgorithm</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestdomain">AuthDigestDomain</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestnccheck">AuthDigestNcCheck</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestnonceformat">AuthDigestNonceFormat</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestnoncelifetime">AuthDigestNonceLifetime</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestprovider">AuthDigestProvider</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestqop">AuthDigestQop</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestshmemsize">AuthDigestShmemSize</a></li>
</ul>
<h3>Topics</h3>
<ul id="topics">
<li><img alt="" src="../images/down.gif" /> <a href="#using">Using Digest Authentication</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#msie">Working with MS Internet Explorer</a></li>
</ul><h3>See also</h3>
<ul class="seealso">
<li><code class="directive"><a href="../mod/core.html#authname">AuthName</a></code></li>
<li><code class="directive"><a href="../mod/core.html#authtype">AuthType</a></code></li>
<li><code class="directive"><a href="../mod/core.html#require">Require</a></code></li>
<li><code class="directive"><a href="../mod/core.html#satisfy">Satisfy</a></code></li>
<li><a href="../howto/auth.html">Authentication howto</a></li>
</ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="using" id="using">Using Digest Authentication</a></h2>

    <p>Using MD5 Digest authentication is very simple. Simply set
    up authentication normally, using <code>AuthType Digest</code> and
    <code class="directive"><a href="#authdigestprovider">AuthDigestProvider</a></code>
    instead of the normal <code>AuthType Basic</code> and
    <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>.
    Then add a <code class="directive"><a href="#authdigestdomain">AuthDigestDomain</a></code> directive containing at least the root
    URI(s) for this protection space.</p>

    <p>Appropriate user (text) files can be created using the
    <code class="program"><a href="../programs/htdigest.html">htdigest</a></code> tool.</p>

    <div class="example"><h3>Example:</h3><p><code>
      &lt;Location /private/&gt;<br />
      <span class="indent">
        AuthType Digest<br />
        AuthName "private area"<br />
        AuthDigestDomain /private/ http://mirror.my.dom/private2/<br />
	<br />
	AuthDigestProvider file<br />
        AuthUserFile /web/auth/.digest_pw<br />
        Require valid-user<br />
      </span>
      &lt;/Location&gt;
    </code></p></div>

    <div class="note"><h3>Note</h3> 
    <p>Digest authentication is more secure than Basic authentication,
    but only works with supporting browsers. As of September 2004, major
    browsers that support digest authentication include <a href="http://www.w3.org/Amaya/">Amaya</a>, <a href="http://konqueror.kde.org/">Konqueror</a>, <a href="http://www.microsoft.com/windows/ie/">MS Internet Explorer</a>
    for Mac OS X and Windows (although the Windows version fails when
    used with a query string -- see "<a href="#msie">Working with MS
    Internet Explorer</a>" below for a workaround), <a href="http://www.mozilla.org">Mozilla</a>, <a href="http://channels.netscape.com/ns/browsers/download.jsp">
    Netscape</a> 7, <a href="http://www.opera.com/">Opera</a>, and <a href="http://www.apple.com/safari/">Safari</a>. <a href="http://lynx.isc.org/">lynx</a> does <strong>not</strong>
    support digest authentication. Since digest authentication is not as
    widely implemented as basic authentication, you should use it only
    in environments where all users will have supporting browsers.</p>
    </div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="msie" id="msie">Working with MS Internet Explorer</a></h2>
    <p>The Digest authentication implementation in previous Internet
    Explorer for Windows versions (5 and 6) had issues, namely that
    <code>GET</code> requests with a query string were not RFC compliant.
    There are a few ways to work around this issue.</p>

    <p>
    The first way is to use <code>POST</code> requests instead of
    <code>GET</code> requests to pass data to your program.  This method
    is the simplest approach if your application can work with this
    limitation.
    </p>

    <p>Since version 2.0.51 Apache also provides a workaround in the
    <code>AuthDigestEnableQueryStringHack</code> environment variable.
    If <code>AuthDigestEnableQueryStringHack</code> is set for the
    request, Apache will take steps to work around the MSIE bug and
    remove the query string from the digest comparison.  Using this
    method would look similar to the following.</p>

    <div class="example"><h3>Using Digest Authentication with MSIE:</h3><p><code>
    BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
    </code></p></div>

    <p>This workaround is not necessary for MSIE 7, though enabling it does
    not cause any compatibility issues or significant overhead.</p>

    <p>See the <code class="directive"><a href="../mod/mod_setenvif.html#browsermatch">BrowserMatch</a></code>
    directive for more details on conditionally setting environment
    variables.</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="AuthDigestAlgorithm" id="AuthDigestAlgorithm">AuthDigestAlgorithm</a> <a name="authdigestalgorithm" id="authdigestalgorithm">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Selects the algorithm used to calculate the challenge and
response hashes in digest authentication</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDigestAlgorithm MD5|MD5-sess</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthDigestAlgorithm MD5</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_digest</td></tr>
</table>
    <p>The <code class="directive">AuthDigestAlgorithm</code> directive
    selects the algorithm used to calculate the challenge and response
    hashes.</p>

    <div class="note">
      <code>MD5-sess</code> is not correctly implemented yet.
    </div>
    

</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="AuthDigestDomain" id="AuthDigestDomain">AuthDigestDomain</a> <a name="authdigestdomain" id="authdigestdomain">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>URIs that are in the same protection space for digest
authentication</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDigestDomain <var>URI</var> [<var>URI</var>] ...</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_digest</td></tr>