----- Original Message ----- > I couldn't figure out how to get digest authentication working with > mod_auth_form, the documentation mentions it once, but offers no > specifics and I was unable to guess it (I even tried looking at the > source for comments that might help). > > Now as to why I would rather use digest authentication, I have been > unsuccessful in compiling mod_session_crypto. A site that had been Why? -- Did you use the latest apr-util? > using Digest would obviously have the bigger concern of preserving > user passwords. It happens that for the property I'm hoping to > deploy mod_auth_form on the next release I have most of the > passwords in both digest and htpasswd compatible formats. Based on > the pace of the release cycle I don't expect an official Ubuntu > package until end of October 2012, since apache httpd 2.3 isn't in > Sid I can't assume a working package through Debian anytime soon. It will be in Sid as soon as we release a "stable" release. sf (Stefan Fritsch) is the Debian Maintainer of the packages and one of our busiest committers. > I would prefer the stronger cryptography of mod_session_crypto, or a > cryptographically enhanced version of digest if one was available. > Since I store both password forms in my database I can use digest > now and then switch later. i -- Igor Galić Tel: +43 (0) 664 886 22 883 Mail: i.galic@xxxxxxxxxxxxxx URL: http://brainsware.org/ GPG: 6880 4155 74BD FD7C B515 2EA5 4B1D 9E08 A097 C9AE --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|