[Solved] mod_authn_pam does not support HTTP Digest auth? (=> no)
I am referring [[https://redmine.lighttpd.net/projects/1/wiki/docs_modauth]].
Does HTTP Digest auth method does not support PAM (mod_authn_pam)?
Or is it that mod_authn_pam only works with HTTP Basic auth method.
RE: mod_authn_pam does not support HTTP Digest auth? - Added by gstrauss 11 days ago
A password is submitted to PAM during the PAM conversation. PAM validates the password. lighttpd does not get a chance to pass nonce and other info that must be used for PAM to reproduce the digest.
While it is theoretically possible to write a PAM backend which takes this information, I am not aware of one that has already been written and available open source.
If you would like to use HTTP Digest auth with a backend database, then please have a look at mod_authn_dbi. lighttpd also supports HTTP Digest auth with htdigest and plain text files.
With any HTTP Auth, you are highly encouraged to use TLS to secure the connection.