Project

General

Profile

[Solved] mod_authn_pam does not support HTTP Digest auth? (=> no)

Added by kthaore 12 days ago

I am referring [[https://redmine.lighttpd.net/projects/1/wiki/docs_modauth]].

Does HTTP Digest auth method does not support PAM (mod_authn_pam)?
Or is it that mod_authn_pam only works with HTTP Basic auth method.


Replies (1)

RE: mod_authn_pam does not support HTTP Digest auth? - Added by gstrauss 11 days ago

A password is submitted to PAM during the PAM conversation. PAM validates the password. lighttpd does not get a chance to pass nonce and other info that must be used for PAM to reproduce the digest.

While it is theoretically possible to write a PAM backend which takes this information, I am not aware of one that has already been written and available open source.

If you would like to use HTTP Digest auth with a backend database, then please have a look at mod_authn_dbi. lighttpd also supports HTTP Digest auth with htdigest and plain text files.

With any HTTP Auth, you are highly encouraged to use TLS to secure the connection.

    (1-1/1)