From: Daniel Earl Poirier Date: Sat, 30 Oct 2010 20:14:38 +0000 (+0000) Subject: Point out that the format of encrypted passwords depends on X-Git-Tag: 2.3.9~197 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=745905a67d791a6370d8fcf4b64fa4fc035e87d2;p=apache Point out that the format of encrypted passwords depends on whether you're using mod_authn_basic or mod_authn_digest. Reported by Josef Spillner, PR46672. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1029180 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/docs/manual/mod/mod_authn_dbd.xml b/docs/manual/mod/mod_authn_dbd.xml index d0a5545ed7..3e984e12f2 100644 --- a/docs/manual/mod/mod_authn_dbd.xml +++ b/docs/manual/mod/mod_authn_dbd.xml @@ -56,6 +56,7 @@ DBDriver DBDParams +Password Formats
Performance and Cacheing @@ -148,6 +149,11 @@ AuthDBDUserPWQuery \ the query statement will be stored as environment variables with names of the form AUTHENTICATE_COLUMN.

+

The encrypted password format depends on which authentication + frontend (e.g. mod_authn_basic or + mod_authn_digest) is being used. See Password Formats for + more information.

@@ -178,6 +184,11 @@ AuthDBDUserRealmQuery \ the query statement will be stored as environment variables with names of the form AUTHENTICATE_COLUMN.

+

The encrypted password format depends on which authentication + frontend (e.g. mod_authn_basic or + mod_authn_digest) is being used. See Password Formats for + more information.

diff --git a/docs/manual/mod/mod_authn_dbm.xml b/docs/manual/mod/mod_authn_dbm.xml index 8251b51f0b..37989c3be0 100644 --- a/docs/manual/mod/mod_authn_dbm.xml +++ b/docs/manual/mod/mod_authn_dbm.xml @@ -51,6 +51,7 @@ AuthDigestProvider +Password Formats AuthDBMUserFile @@ -79,6 +80,12 @@ passwords for authentication download the AuthDBMUserFile.

+

The encrypted password format depends on which authentication + frontend (e.g. mod_authn_basic or + mod_authn_digest) is being used. See Password Formats for + more information.

+

Important compatibility note: The implementation of dbmopen in the apache modules reads the string length of the hashed values from the DBM data structures, rather than relying diff --git a/docs/manual/mod/mod_authn_file.xml b/docs/manual/mod/mod_authn_file.xml index d95bd7635f..f6e228b9f1 100644 --- a/docs/manual/mod/mod_authn_file.xml +++ b/docs/manual/mod/mod_authn_file.xml @@ -49,6 +49,7 @@ htpasswd htdigest +Password Formats AuthUserFile @@ -71,10 +72,15 @@ passwords for authentication ID is defined multiple times, mod_authn_file will use the first occurrence to verify the password.

-

The utility htpasswd +

The encrypted password format depends on which authentication + frontend (e.g. mod_authn_basic or + mod_authn_digest) is being used. See Password Formats for + more information.

+ +

For mod_authn_basic, use the utility htpasswd which is installed as part of the binary distribution, or which - can be found in src/support, is used to maintain - the password file for HTTP Basic Authentication. See the + can be found in src/support. See the man page for more details. In short:

@@ -98,9 +104,7 @@ passwords for authentication module="mod_authn_dbm">AuthDBMUserFile should be used instead.

-

If you are using HTTP Digest Authentication, the - htpasswd tool is not sufficient. - You have to use htdigest +

For mod_authn_digest, use htdigest instead. Note that you cannot mix user data for Digest Authentication and Basic Authentication within the same file.