Introduction
|
Digest auth pops up a user/password dialog in the browser, but they're not very popular. Maybe because you can't log out or control the length of time that you wish to be logged in for. Digest auth does not send the password over as plain text like basic auth or a unencrypted web form. DBM is quicker than a plain text file especially when you have lots of users.
Ubuntu contains 3 different password managers for apache: dbmmanage, htdigest, htdbm Unfortunately, none of them work with digest + DBM.
htdigest can do digest auth but only with a plain text file, not a dbm file.
htdbm can do dbm but can't handle usernames with colons.
dbmmanage produces a custom md5 number that doesn't work anywhere else.
Steps to set it all up
To create a user
Make up a realm name & type in a dumbie password for now...
dbmmanage -p /etc/apache2/digest.db adduser username:realm - group
To set up the password
Now use your real password...
echo -n 'username:realm:password' | md5sum
Now we have a md5 hex number, replace the <md5> with this number...
dbmmanage -p /etc/apache2/digest.db update username:realm <md5> group
Example:
dbmmanage -p /etc/apache2/digest.db update username:realm 66999343281b2624585fd58cc9d36dfc group
Now you'll notice that there is no 'digest.db' file, only a 'digest' file. So add the below to your site's config in /etc/apache2/sites-enabled/...
<Directory /> AuthType Digest AuthName "realm" AuthDigestDomain / AuthDigestProvider dbm AuthDBMType db AuthDBMUserFile /etc/apache2/digest Require valid-user </Directory>
Enable the modules
sudo a2enmod authn_dbm sudo a2enmod auth_digest sudo service apache2 restart
Your site should now ask you for a user name/password.
External Links
Digest access authentication - wikipedia.