Return-Path: X-Original-To: apmail-httpd-cvs-archive@www.apache.org Delivered-To: apmail-httpd-cvs-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 4EA53D97D for ; Sat, 1 Dec 2012 09:59:22 +0000 (UTC) Received: (qmail 39664 invoked by uid 500); 1 Dec 2012 09:59:22 -0000 Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org Received: (qmail 39588 invoked by uid 500); 1 Dec 2012 09:59:20 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 39560 invoked by uid 99); 1 Dec 2012 09:59:19 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 01 Dec 2012 09:59:19 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 01 Dec 2012 09:59:16 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 6DE0C23888E7; Sat, 1 Dec 2012 09:58:55 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1415964 - in /httpd/httpd/branches/2.2.x/docs/manual/mod: mod_auth_digest.html.en mod_auth_digest.xml.fr mod_auth_digest.xml.ko mod_auth_digest.xml.meta Date: Sat, 01 Dec 2012 09:58:54 -0000 To: cvs@httpd.apache.org From: igalic@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20121201095855.6DE0C23888E7@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: igalic Date: Sat Dec 1 09:58:53 2012 New Revision: 1415964 URL: http://svn.apache.org/viewvc?rev=1415964&view=rev Log: xforms Modified: httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_digest.html.en httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_digest.xml.fr httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_digest.xml.ko httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_digest.xml.meta Modified: httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_digest.html.en URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_digest.html.en?rev=1415964&r1=1415963&r2=1415964&view=diff ============================================================================== --- httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_digest.html.en (original) +++ httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_digest.html.en Sat Dec 1 09:58:53 2012 @@ -53,7 +53,6 @@

Topics

See also

  • AuthName
    • @@ -93,48 +92,9 @@

    Note

    Digest authentication is more secure than Basic authentication, - but only works with supporting browsers. As of September 2004, major - browsers that support digest authentication include Amaya, Konqueror, MS Internet Explorer - for Mac OS X and Windows (although the Windows version fails when - used with a query string -- see "Working with MS - Internet Explorer" below for a workaround), Mozilla, - Netscape 7, Opera, and Safari. lynx does not - support digest authentication. Since digest authentication is not as - widely implemented as basic authentication, you should use it only - in environments where all users will have supporting browsers.

    + but only works with supporting browsers. As of this writing (December + 2012) all major browsers support digest authentication.

    -
    top
    -
    -

    Working with MS Internet Explorer

    -

    The Digest authentication implementation in previous Internet - Explorer for Windows versions (5 and 6) had issues, namely that - GET requests with a query string were not RFC compliant. - There are a few ways to work around this issue.

    - -

    - The first way is to use POST requests instead of - GET requests to pass data to your program. This method - is the simplest approach if your application can work with this - limitation. -

    - -

    Since version 2.0.51 Apache also provides a workaround in the - AuthDigestEnableQueryStringHack environment variable. - If AuthDigestEnableQueryStringHack is set for the - request, Apache will take steps to work around the MSIE bug and - remove the query string from the digest comparison. Using this - method would look similar to the following.

    - -

    Using Digest Authentication with MSIE:

    - BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On -

    - -

    This workaround is not necessary for MSIE 7, though enabling it does - not cause any compatibility issues or significant overhead.

    - -

    See the BrowserMatch - directive for more details on conditionally setting environment - variables.

    top

    AuthDigestAlgorithm Directive

    Modified: httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_digest.xml.fr URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_digest.xml.fr?rev=1415964&r1=1415963&r2=1415964&view=diff ============================================================================== --- httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_digest.xml.fr (original) +++ httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_digest.xml.fr Sat Dec 1 09:58:53 2012 @@ -1,7 +1,7 @@ - + Modified: httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_digest.xml.ko URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_digest.xml.ko?rev=1415964&r1=1415963&r2=1415964&view=diff ============================================================================== --- httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_digest.xml.ko [euc-kr] (original) +++ httpd/httpd/branches/2.2.x/docs/manual/mod/mod_auth_digest.xml.ko [euc-kr] Sat Dec 1 09:58:53 2012 @@ -1,7 +1,7 @@ - +