You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Paul Morris <pa...@interactivedata.com> on 2008/02/29 16:26:19 UTC
[users@httpd] Digest authentication and single sign-on, correct format and browsers
supporting
I want to achieve a single sign-on interface for all of the sub domains
of a given top level domain. For this I have identified Digest
authentication as an appropriate solution thanks to its support for
enabling multiple domains to share the same user credentials.
I have the AuthDigestDomain directive set to "/
http://base.url.com:8000/ http://one.base.url.com:8000/
http://two.base.url.com:8000/" in my Apache configuration file. I can
see this value being forwarded verbatim to the browser by Apache in the
response headers correctly.
I point a browser to http://base.url.com:8000/ to sign on, which works.
However, when I then connect to any of the other listed URLs,
http://one.base.url.com:8000/ and http://two.base.url.com:8000/, I still
get a sign-on prompt. I realise that support for this feature of Digest
must be implemented by the browser. So far I have tried Firefox 1.5,
IE7, Opera 9.26 and Safari 3.0.4 -- all of which refuse to provide the
same login credentials on these domains without re-prompting for the
user information. The realm is set to the same value for all domains.
Here is an extract from my configuration file for the digest authentication:
<Directory /home/web>
AuthType Digest
AuthName Example
AuthDigestDomain / http://base.url.com:8000/
http://one.base.url.com:8000/ http://two.base.url.com:8000/
AuthUserFile my.db
Require valid-user
</Directory>
Is this feature not supported by any modern Web browser or have I gotten
the format for AuthDigestDomain wrong?
Thanks!
Paul.
--
Paul Morris | Project Development UK
Interactive Data Managed Solutions Ltd
--------------------------------------------------------------------------------------------
Registered in England No 3691868
Registered Office: Suite 1101, Eagle Tower | Montpellier Drive |
Cheltenham GL50 1TA | United Kingdom
Tel: +44 (0)1242 6941 28 | Fax: +44 (0)1242 6941 01
paul.morris@interactivedata.com <ma...@interactivedata.com>
http://www.interactivedata-ms.com/