To enable Digest Authentication, add the following lines to the paw/conf/handler.xml file just after the opening <handlers> tag:
<handler status="active">
<name>Digest Handler</name>
<description>Digest authentication handler.</description>
<removable>true</removable>
<id>authDigest</id>
<files/>
<params>
<param name="authDigest.class" value="sunlabs.brazil.handler.DigestAuthHandler" />
<param name="authDigest.prefix" value="/" />
<param name="authDigest.realm" value="Protected" />
<param name="authDigest.credentials" value="[PAW_HOME]/webconf/auth/digest.conf" />
</params>
</handler>
This configuration protects the whole web site, if you would only like to protect a single directory, you can change the prefix parameter.
Now create a file called paw/webconf/auth/digest.conf with the following content:
#--------------------------------------------------------- # Digest Authenticatin configuration #--------------------------------------------------------- # Format: # username=plain password # # Instead of the plain password, HA1 can be used: # md5(user:realm:pass) # # username=HA1 #--------------------------------------------------------- user=test
The sample user is called user, with the password test.
It is recommended to build the HA1 hash for security reasons.
For the changes to take effect, restart the server.
this did not work with IE
ReplyDeleteGreat work!
ReplyDeleteBut after using the digest authentication php does not working.
Hi Marcus,
Deletethe digest authentication handler is completely independent of the rest of the handler chain. So enabling digest authentication shouldn't have any effect on the PHP handler.
Just tested, worked as expected.
Do you get an error message?
The Server did not find the php-file. Reinstall php solved the Problem.
ReplyDelete