mod_digest.c
file, and
is not compiled in by default. It provides for user authentication using
MD5 Digest Authentication.
The AuthDigestFile directive sets the name of a textual file containing the list of users and encoded passwords for digest authentication. Filename is the absolute path to the user file.
The digest file uses a special format. Files in this format can be created using the "htdigest" utility found in the support/ subdirectory of the Apache distribution.
Using MD5 Digest authentication is very simple. Simply set up authentication normally. However, use "AuthType Digest" and "AuthDigestFIle" instead of the normal "AuthType Basic" and "AuthUserFile". Everything else should remain the same.
MD5 authentication provides a more secure password system, but only works with supporting browsers. As of this writing (July 1996), the majority of browsers do not support digest authentication. Therefore, we do not reccomend using this feature on a large Internet site. However, for personal and intranet use, where browser users can be controlled, it is ideal.