Received: (from majordom@localhost) by hyperreal.org (8.8.5/8.8.5) id MAA21570; Sat, 16 Aug 1997 12:14:50 -0700 (PDT) Received: from sierra.zyzzyva.com (ppp0-sierra.zyzzyva.com [208.214.59.46]) by hyperreal.org (8.8.5/8.8.5) with ESMTP id MAA21566 for ; Sat, 16 Aug 1997 12:14:46 -0700 (PDT) Received: from sierra (localhost [127.0.0.1]) by sierra.zyzzyva.com (8.8.5/8.8.2) with ESMTP id OAA02487 for ; Sat, 16 Aug 1997 14:11:49 -0500 (CDT) Message-Id: <199708161911.OAA02487@sierra.zyzzyva.com> X-Mailer: exmh version 2.0zeta 7/24/97 To: new-httpd@apache.org Subject: Re: Windows NT chap authentication protocol for http In-reply-to: ben's message of Sat, 16 Aug 1997 17:50:07 +0100. <33F5DA3F.29AB78AD@algroup.co.uk> X-uri: http://www.zyzzyva.com/ Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sat, 16 Aug 1997 14:11:49 -0500 From: Randy Terbush Sender: new-httpd-owner@apache.org Precedence: bulk Reply-To: new-httpd@apache.org > Chuck Murcko wrote: > > > > Ben Laurie wrote: > > > > > > George Carrette wrote: > > > > > > > > I've not found the word CHAP in the apache documentation or source code, > > > > so was wondering if anybody might be interested in implementing the Windows NT > > > > CHAP > > > > authentication protocol for HTTP. > > > > > > Could be - where's the docco? Which clients use it? > > > > > > Cheers, > > > > > Isn't CHAP a link authentication protocol, or does M$ have their own > > version? > > CHAP usually refers to the PPP authentication method, but is a generic > term (Challenge/Handshake Authentication Protocol). Digest > Authentication is the HTTP equivalent. > > Of course, stuff that adds fun to the question is that CHAP (in PPP) can > lead to verifiable identity via RADIUS et al. Not sure if RADIUS is big > enough to warrant thinking about it yet, tho... > > Cheers, > > Ben. Actually, there exists a PAM module for Apache that would enable you to plug whatever authentication protocol you wish into the server without recompiling. This does require PAM support on your OS though.