httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Morris <paul.mor...@interactivedata.com>
Subject [users@httpd] Digest authentication and single sign-on, correct format and browsers supporting
Date Fri, 29 Feb 2008 15:26:19 GMT
I want to achieve a single sign-on interface for all of the sub domains 
of a given top level domain. For this I have identified Digest 
authentication as an appropriate solution thanks to its support for 
enabling multiple domains to share the same user credentials.

I have the AuthDigestDomain directive set to "/ 
http://base.url.com:8000/ http://one.base.url.com:8000/ 
http://two.base.url.com:8000/" in my Apache configuration file. I can 
see this value being forwarded verbatim to the browser by Apache in the 
response headers correctly.

I point a browser to http://base.url.com:8000/ to sign on, which works. 
However, when I then connect to any of the other listed URLs, 
http://one.base.url.com:8000/ and http://two.base.url.com:8000/, I still 
get a sign-on prompt. I realise that support for this feature of Digest 
must be implemented by the browser. So far I have tried Firefox 1.5, 
IE7, Opera 9.26 and Safari 3.0.4 -- all of which refuse to provide the 
same login credentials on these domains without re-prompting for the 
user information. The realm is set to the same value for all domains.

Here is an extract from my configuration file for the digest authentication:

<Directory /home/web>
        AuthType Digest
        AuthName Example
        AuthDigestDomain / http://base.url.com:8000/ 
http://one.base.url.com:8000/ http://two.base.url.com:8000/
        AuthUserFile my.db
        Require valid-user
</Directory>

Is this feature not supported by any modern Web browser or have I gotten 
the format for AuthDigestDomain wrong?

Thanks!
Paul.
-- 
Paul Morris | Project Development UK
Interactive Data Managed Solutions Ltd
--------------------------------------------------------------------------------------------
Registered in England No 3691868
Registered Office: Suite 1101, Eagle Tower | Montpellier Drive | 
Cheltenham GL50 1TA | United Kingdom
Tel: +44 (0)1242 6941 28 | Fax: +44 (0)1242 6941 01
paul.morris@interactivedata.com <mailto:paul.morris@interactivedata.com>
http://www.interactivedata-ms.com/

Mime
View raw message