You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Ben Laurie <be...@gonzo.ben.algroup.co.uk> on 1996/01/07 09:56:17 UTC
Re: MD5
>
> On Sat, 6 Jan 1996, Brian Behlendorf wrote:
>
> > Well, you mean one would have to write a separate module for each
> > (authenticationtype,passworddatabase) pair. This actually isn't true -
> > mod_auth and mod_dbm_auth *could* be combined, since they use different
> > configuration options. At least, I've never had a problem compiling with
> > both turned on. So, you could do a mod_auth_md5 and have config options
> > for using either DBM files, flat files, or even mSQL in the same module.
> >
> > Or am I missing something?
>
> No, you're not missing anything. My point was that the auth modules are
> authentication-type-dependent. It'd be nice if one could write a module
> that did authentication without having to worry about authentication type
> - that should all be built into Apache, and the modules should have some
> generic functions to call that will work with any authentication scheme,
> so we don't need different versions of the modules for each type. This is
> especially important if we want to support some kind of security
> negotiation in the future.
Apache-SSL actually fakes Basic authentication, but uses the "one-line" X509
as the user name. This was done to avoid having to rewrite the authentication
code. So, I'd agree, an authentication support module would be very nice.
Cheers,
Ben.
>
> Doesn't that make sense?
>
> --/ Alexei Kosut <ak...@nueva.pvt.k12.ca.us> /--------/ Lefler on IRC
> ----------------------------/ <http://www.nueva.pvt.k12.ca.us/~akosut/>
> The viewpoints expressed above are entirely false, and in no way
> represent Alexei Kosut nor any other person or entity. /--------------
>
>
--
Ben Laurie Phone: +44 (181) 994 6435
Freelance Consultant Fax: +44 (181) 994 6472
and Technical Director Email: ben@algroup.co.uk
A.L. Digital Ltd, URL: http://www.algroup.co.uk
London, England.