Received: by taz.hyperreal.com (8.6.12/8.6.5) id HAA20060;
 Tue, 27 Feb 1996 07:24:36 -0800
Received: from gate.ukweb.com by taz.hyperreal.com (8.6.12/8.6.5) with ESMTP
 id HAA20055; Tue, 27 Feb 1996 07:24:33 -0800
Received: from star(really [192.168.2.10]) by gate.ukweb.com
	via rsmtp with smtp
	id <m0trREs-000L9JC@gate.ukweb.com>
	for <new-httpd@hyperreal.com>; Tue, 27 Feb 96 15:22:54 +0000 (GMT)
	(/\##/\ Smail3.1.30.13 #30.13 built 31-aug-95)
Date: Tue, 27 Feb 1996 15:22:34 +0000 (GMT)
From: Mark J Cox <mark@ukweb.com>
X-Sender: mark@star
To: new-httpd@hyperreal.com
Subject: Re: New module (fwd)
In-Reply-To: <199602271434.GAA15426@taz.hyperreal.com>
Message-ID: <Pine.LNX.3.91.960227151630.1047G-100000@star>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-new-httpd@apache.org
Precedence: bulk
Reply-To: new-httpd@hyperreal.com

> > I've created a new module that I'd like to contribute.  It's a module
> > that uses the UNIX password file for authentication.  I need this

You can actually already do this (sort of).  I submitted a patch last
April that caused the .htpasswd file to ignore anything after a ":" after
the password.  Someone submitted something similar again last month.  Then
you just point "AuthFilename /etc/passwd" and it works.  I don't think
its a good thing to document, it's not something we want everyone doing:
finding out that their favourite account with password "aardvark" has
been compromised because someone sent the dictionary with keep-alive's to 
their Web server.

> > Rob Nielsen                     rob_nielsen@adc.com
> > ADC Telecommunications, Inc.
> > http://www.cs.ndsu.nodak.edu/alumni/rob_nielsen
> > 4900 West 78th Street, MS10     (612) 896-2706
> > Minneapolis, MN  55345          (612) 896-2959 - fax
> > 
> 
> 
> 

Mark
Mark Cox, Technical Director, UK Web ------ http://www.ukweb.com/~mark/
Commercial Support for the Apache Web Server, see http://www.ukweb.com/