<p>This module implements HTTP Digest Authentication
(<a href="http://www.faqs.org/rfcs/rfc2617.html">RFC2617</a>), and
- provides a more secure alternative to <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>.</p>
+ provides an alternative to <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> where the
+ password is not transmitted as cleartext. However, this does
+ <strong>not</strong> lead to a significant security advantage over
+ basic authentication. On the other hand, the password storage on the
+ server is much less secure with digest authentication than with
+ basic authentication. Therefore, using basic auth and encrypting the
+ whole connection using <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> is a much better
+ alternative.</p>
</div>
<div id="quickview"><h3 class="directives">Directives</h3>
<ul id="toc">
</div>
<div class="note"><h3>Note</h3>
- <p>Digest authentication is more secure than Basic authentication,
- but only works with supporting browsers. As of this writing (December
- 2012) all major browsers support digest authentication.</p>
+ <p>Digest authentication was intended to be more secure than basic
+ authentication, but no longer fulfills that design goal. A
+ man-in-the-middle attacker can trivially force the browser to downgrade
+ to basic authentication. And even a passive eavesdropper can brute-force
+ the password using today's graphics hardware, because the hashing
+ algorithm used by digest authentication is too fast. Another problem is
+ that the storage of the passwords on the server is insecure. The contents
+ of a stolen htdigest file can be used directly for digest authentication.
+ Therefore using <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> to encrypt the whole connection is
+ strongly recommended.</p>
<p><code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code> only works properly on platforms
where APR supports shared memory.</p>
</div>
<a href="../fr/mod/mod_auth_digest.html" title="Français"> fr </a> |
<a href="../ko/mod/mod_auth_digest.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
</div>
+<div class="outofdate">Cette traduction peut être périmée. Vérifiez la version
+ anglaise pour les changements récents.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Authentification utilisateur utilisant les condensés
MD5</td></tr>
<tr><th><a href="module-dict.html#Status">Statut:</a></th><td>Extension</td></tr>
<?xml version="1.0"?>
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.fr.xsl"?>
-<!-- English Revision : 1415961 -->
+<!-- English Revision: 1415961:1555538 (outdated) -->
<!-- French translation : Lucien GENTIS -->
<!-- Reviewed by : Vincent Deffontaines -->
<?xml version="1.0" encoding="EUC-KR" ?>
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.ko.xsl"?>
-<!-- English Revision: 105989:1415961 (outdated) -->
+<!-- English Revision: 105989:1555538 (outdated) -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
<variants>
<variant>en</variant>
- <variant>fr</variant>
+ <variant outdated="yes">fr</variant>
<variant outdated="yes">ko</variant>
</variants>
</metafile>
<p><span>Langues Disponibles: </span><a href="../en/mod/mod_authnz_ldap.html" hreflang="en" rel="alternate" title="English"> en </a> |
<a href="../fr/mod/mod_authnz_ldap.html" title="Français"> fr </a></p>
</div>
-<div class="outofdate">Cette traduction peut être périmée. Vérifiez la version
- anglaise pour les changements récents.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Permet d'utiliser un annuaire LDAP pour l'authentification
HTTP de base.</td></tr>
<tr><th><a href="module-dict.html#Status">Statut:</a></th><td>Extension</td></tr>
<variants>
<variant>en</variant>
- <variant outdated="yes">fr</variant>
+ <variant>fr</variant>
</variants>
</metafile>
whether or not it exists, and is a regular file with size greater
than zero.</li>
- <li>'<strong>-U</strong>' (is existing URL, via
+ <li><p>'<strong>-U</strong>' (is existing URL, via
subrequest)<br />
Checks whether or not <em>TestString</em> is a valid URL,
accessible via all the server's currently-configured
access controls for that path. This uses an internal
subrequest to do the check, so use it with care -
- it can impact your server's performance!</li>
+ it can impact your server's performance!</p>
+ <p> This flag <em>only</em> returns information about things
+ like access control, authentication, and authorization. This flag
+ <em>does not</em> return information about the status code the
+ configured handler (static file, CGI, proxy, etc.) would have
+ returned.</p> </li>
<li>'<strong>-x</strong>' (has e<strong>x</strong>ecutable
permissions)<br />
vérifie son existence et si elle est un fichier régulier
d'une taille supérieure à zéro.</li>
- <li>'<strong>-U</strong>' (test de l'existence d'une
- <strong>U</strong>RL via une sous-requête)<br />
+ <li><p>'<strong>-U</strong>' (test de l'existence d'une
+ URL via une sous-requête)<br />
Vérifie si <em>chaîne de test</em> est une URL valide,
accessible à travers tous les contrôles d'accès du serveur
actuellement configurés pour ce chemin. C'est une
sous-requête interne qui effectue cette vérification - à
utiliser avec précautions car les performances du serveur
- peuvent s'en trouver affectées !</li>
+ peuvent s'en trouver affectées !</p>
+ <p>Ce drapeau ne renvoie <em>que</em> des informations
+ concernant le contrôle d'accès, l'authentification et
+ l'autorisation. Il ne renvoie <em>pas</em> d'informations
+ concernant le code d'état que le gestionnaire configuré
+ (static file, CGI, proxy, etc...) aurait, quant à lui,
+ retourné.</p></li>
<li>'<strong>-x</strong>' (a l'attribut d'exécution positionné)<br />
Considère la <em>chaîne de test</em> comme un chemin et
<a href="../fr/platform/windows.html" title="Français"> fr </a> |
<a href="../ko/platform/windows.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
</div>
-<div class="outofdate">Cette traduction peut être périmée. Vérifiez la version
- anglaise pour les changements récents.</div>
<p>Ce document décrit l'installation, la configuration et
<ul>
<li><a href="http://www.apachehaus.com/cgi-bin/download.plx">ApacheHaus</a></li>
<li><a href="http://www.apachelounge.com/download/">Apache Lounge</a></li>
+ <li><a href="http://bitnami.com/stack/wamp">BitNami WAMP Stack</a></li>
<li><a href="http://www.wampserver.com/">WampServer</a></li>
<li><a href="http://www.apachefriends.org/en/xampp.html">XAMPP</a></li>
</ul>
<variants>
<variant>en</variant>
- <variant outdated="yes">fr</variant>
+ <variant>fr</variant>
<variant outdated="yes">ko</variant>
</variants>
</metafile>
projects / apache / commitdiff