Closed (won't fix)
Project:
HTTP authentication
Version:
4.7.x-1.x-dev
Component:
Code
Priority:
Normal
Category:
Task
Assigned:
Reporter:
Created:
14 Nov 2006 at 23:38 UTC
Updated:
28 Dec 2006 at 22:53 UTC
Solution is probably to use Digest instead of the Basic authentication method.
Comments
Comment #1
decafdennis commented...in order to work nicely with multiple authentication realms.
Comment #2
decafdennis commented...and in order to solve #97931.
Comment #3
decafdennis commentedJust reading about Digest authentication and apparently it requires a plain-text password, or a MD5 hash of the password with the username and realm attached, in order to be able to negotiate with the client. Heh, that [verb meaning not very nice]. Stupid me.
One solution is to make users 'enable' digest authentication for their account by specifying their password... bad idea.
Setting this to won't fix until it is absolutely necessary for something.