SSL/TLS is the socket/transport layer security and auth digest is a challenge-response process usig no-clear text credentials. How? The most of the web explorers can pass credentials from forms to the server either in clear text or hashed (MD5), and my propose was do it hashed.
Now, about the mod-auth-mysql and mod-auth-ldap: of course if you have't field experience you can think both methods could be complicated but in both cases is quite easy to create a table/schema, populate it with info and start authenticate.
Both works fine with posix info for virtual users, no probs ;) Stephen R Laniel wrote:
On Sun, Jul 31, 2005 at 03:41:02PM +0200, jonathan gonzalez wrote:i recomend you mod-auth-mysql and mod-auth-ldap. Aditionally you can try testing the digest authentication (MD5) instead of clear text credentials.I think I'd just use SSL rather than MD5 authentication. Others have suggested mod_auth_pam. My concern with using PAM, come to think of it, is that my client's site is using virtual hosts. I don't want every shell user to have access to every virtual host. For hackish reasons, shell users have names like 'johnsmith-example-com' for user johnsmith on host example.com. So: 1) Does anyone know whether mod_auth_pam would have the problem that I mentioned? And 2) Do mod_auth_mysql and mod_auth_ldap play nicely with virtual hosts? I have literally zero experience with LDAP and MySQL, so this will be an education for me.
Attachment:
signature.asc
Description: OpenPGP digital signature