- Overview
- Installation & Uninstallation
- Local and remote management using IIS 7
- Context and processing order
- Apache compatibility
- Modules
- core functions
- mod_antibot
- mod_asis
- mod_auth_basic
- mod_auth_digest
- mod_authn_anon
- mod_authn_dbd
- mod_authn_default
- mod_authn_file
- mod_authz_default
- mod_authz_groupfile
- mod_authz_host
- mod_authz_user
- mod_cache
- mod_dbd
- mod_deflate
- mod_developer
- mod_dir
- mod_disk_cache
- mod_env
- mod_evasive
- mod_expires
- mod_filter
- mod_gzip
- mod_headers
- mod_hotlink
- mod_linkfreeze
- mod_log_config
- mod_logio
- mod_mem_cache
- mod_mime
- mod_proxy
- mod_replace
- mod_rewrite
- mod_seo
- mod_setenvif
- mod_so
- mod_speling
- mod_usertrack
- mod_xsendfile
- Articles
- Release history
- Troubleshooting
- License agreement
mod_auth_digest
Overview
mod_auth_digest module allows to use HTTP Digest Authentication.
Quick start
To implement MD5 Digest Authentication one should use
AuthType Digest
and
AuthDigestProvider
directives.
And then in
AuthDigestDomain
directive specify at least the root URI(s) for this protection space.
Example:
<Location /private/>
AuthType Digest
AuthName "private area"
AuthDigestDomain /private/ http://www.domain.com/myprivate/
AuthDigestProvider file
AuthUserFile c:/inetpub/passwords/.digest_pwd
Require valid-user
</Location>Related articles and topics
- HTTP Authentication and Authorization
- Enabling site authentication not using Windows users
- mod_auth_basic
- mod_authn_dbd
- mod_authn_file
- mod_authz_groupfile
- mod_authz_host
- mod_authz_user
Enviroment variables
| Name | Context | Description |
|---|---|---|
| on_auth_create_user | S V D .h | creates ASP.NET context user |
By default mod_auth_digest does not create ASP.NET context user. If you want it to be created, put the following line into the corresponding config:
SetEnv on_auth_create_userDirectives
| Name | Context | Description |
|---|---|---|
| AuthDigestDomain | S V D .h | specifies URIs that are in the same protection space for digest authentication |
| AuthDigestNonceLifetime | S V D .h | defines how long the server nonce is valid |
| AuthDigestProvider | S V D .h | sets the authentication provider(s) for current location |
AuthDigestDomain
AuthDigestDomain
directive is used to specify one or more
URIs that are in the same protection space (use the same realm and username/password
info). The specified URIs are prefixes; the client will assume that all URIs
"below" these are also protected by the same username/password. The
URIs may be either absolute or relative ones.
This directive is mandatory and must contain at least the root URI(s) for this space.
Specified URIs may also point to different servers, in such case clients will share username/password info across multiple servers without prompting the user each time.
Syntax
AuthDigestDomain URI [URI] [...]Example
AuthDigestDomain /privateAuthDigestNonceLifetime
AuthDigestNonceLifetime
directive sets the time during which
the server nonce is valid. When the client contacts the server using an expired
nonce the server sends back a 401 response with stale=true. If
seconds
is greater than 0 then it specifies the amount of time for which the nonce is
valid. If
seconds
is set to a negative value, the
nonce will never expire.
Syntax:
AuthDigestNonceLifetime secondsDefault:
AuthDigestNonceLifetime 300AuthDigestProvider
AuthDigestProvider
directive specifies provider used for user
authentication. Default file provider is implemented by the
mod_authn_file
module.
Syntax
AuthDigestProvider provider-name [provider-name] [...]Default
AuthDigestProvider file