www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dan Wilga <dwi...@mtholyoke.edu>
Subject mod_digest/1297: mod_digest: what browsers does it work with?
Date Wed, 22 Oct 1997 13:58:50 GMT

>Number:         1297
>Category:       mod_digest
>Synopsis:       mod_digest: what browsers does it work with?
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Wed Oct 22 07:00:00 PDT 1997
>Last-Modified:
>Originator:     dwilga@mtholyoke.edu
>Organization:
apache
>Release:        1.2.1
>Environment:
Linux <hostname> 2.0.30 #3 Thu Sep 4 14:34:05 EDT 1997 i686 unknown
>Description:
I have been trying to get digest auth to work. So far, I have tried Netscape Navigator 4.03
(which specifically says it supports MD5
encryption in the 'about' page) and Explorer 3.01a for the Mac.

When using Navigator, I get a '401: Forbidden' at the client and this message in the error
log:

  [Date/time] access to /admin failed for <IP address>, reason: client used wrong authentication
scheme

When using Explorer, I get only the Forbidden and no log message.

So the question is: what browsers has this feature been verified to work with? Does this sound
like user error on my part?
>How-To-Repeat:
In this case, the .htdigest file (containing the encrypted password created by the htdigest
utility)
is stored in the same folder as the .htaccess file itself. All files starting with .ht* are
protected using the <Files> segment of the .htaccess:

Contents of .htaccess

AuthType Digest
AuthName Realm
AuthDigestFile <path to .htdigest file>
AuthGroupFile /dev/null
<limit GET POST>
        order deny,allow
        deny from all
        allow from <first two octets of my domain>
        require valid-user
</limit>
<Files .ht*>
        <limit GET POST>
                order deny,allow
                deny from all
                allow from none
        </limit>
</files>

---------------------------------
Contents of .htdigest (created with htdigest utility)

dwilga:Realm:<encrypted password>
>Fix:

>Audit-Trail:
>Unformatted:


Mime
View raw message