Recently, I wrote a mod_perl module for using a database backend for basic and digest authentication in Apache, however I found it to be much slower than mod_auth_mysql. This would be due to using mod_perl and DBI. So I have written a patch for mod_auth_mysql which performs the same, which means its as fast.
The main [...]
Posts Tagged ‘Apache’
mod_auth_mysql digest authentication patch
Posted 31st May 2009 by Andy | 2 CommentsSecure digest HTTP authentication using Webtatic::AuthDBI
Posted 24th May 2009 by Andy | No CommentsThe HTTP protocol gives a standardised way to provide authentication. This is supported via two modes:
Basic – transmit the username and password in a reversable base-64 encode
Digest – transmits complex MD5 hash of the username, realm, password, a server generated nonce, request method and request uri
Basic HTTP authentication suffers from a very easy man-in-the-middle attack, [...]