We'll keep this open, but it's not going to be something we
will be adding soon, if at all.
Digest authentication is much different than basic
authentication, and I'm not sure how we can roll both of
them into one module. Even apache has two different modules
(mod_auth and mod_digest) to handle the differences.
Additionally, there is a bug in MS's Internet Explorer when
using digest authentication - it does not produce the
correct value if you have parameters in your request.
But we will look at it and see if it is possible.
Jerry
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I understand you might not be interested in compatibility
with IE, but as this is a public module, we need to be
concerned with what everyone uses. IE is still the most
widely used browser in the world, and we can't come out with
a module which breaks when using IE.
As I said - we'll look into it, but won't promise anything.
Jerry
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Logged In: YES
user_id=1049703
We'll keep this open, but it's not going to be something we
will be adding soon, if at all.
Digest authentication is much different than basic
authentication, and I'm not sure how we can roll both of
them into one module. Even apache has two different modules
(mod_auth and mod_digest) to handle the differences.
Additionally, there is a bug in MS's Internet Explorer when
using digest authentication - it does not produce the
correct value if you have parameters in your request.
But we will look at it and see if it is possible.
Jerry
Logged In: NO
Compatability with IE is not important - I'm only interested in
keeping passwords secure on our LAN.
Logged In: YES
user_id=1049703
Hi Eric (at least I think this is Eric),
I understand you might not be interested in compatibility
with IE, but as this is a public module, we need to be
concerned with what everyone uses. IE is still the most
widely used browser in the world, and we can't come out with
a module which breaks when using IE.
As I said - we'll look into it, but won't promise anything.
Jerry
Logged In: YES
user_id=1821766
Originator: NO
?
I have written a patch to mod_auth_mysql to use mod_auth_digest in httpd 2.2 +
http://www.webtatic.com/blog/2009/05/patch-for-mod_auth_mysql-to-allow-digest-authentication/
As for the Internet Explorer bug, mod_auth_digest has a workaround that makes it work correctly
BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On