Implement Digest authentication

naquah - November 14, 2006 - 23:38
Project:HTTP authentication
Version:4.7.x-1.x-dev
Component:Code
Category:task
Priority:normal
Assigned:naquah
Status:won't fix
Description

Solution is probably to use Digest instead of the Basic authentication method.

#1

naquah - December 9, 2006 - 09:35
Title:Work nicely with multiple authentication realms» Implement Digest authentication

...in order to work nicely with multiple authentication realms.

#2

naquah - December 10, 2006 - 23:06

...and in order to solve #97931.

#3

naquah - December 28, 2006 - 22:53
Status:active» won't fix

Just reading about Digest authentication and apparently it requires a plain-text password, or a MD5 hash of the password with the username and realm attached, in order to be able to negotiate with the client. Heh, that [verb meaning not very nice]. Stupid me.

One solution is to make users 'enable' digest authentication for their account by specifying their password... bad idea.

Setting this to won't fix until it is absolutely necessary for something.

 
 

Drupal is a registered trademark of Dries Buytaert.