[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
htpasswd [Re: Features...]
From: |
Christian Hopp |
Subject: |
htpasswd [Re: Features...] |
Date: |
Tue, 30 Sep 2003 12:30:46 +0200 (CEST) |
On Fri, 26 Sep 2003, Jan-Henrik Haukeland wrote:
> >>3) Auth via htpasswd...
> >>
> >> auth /path [user, ...]
> >>
> >> where "path" is the fq path it the corresponding htpasswd and
> >> "user" is a user grant access. If user is omitted all users do have
> >> access.
> >>
> > This can be usefull :)
It's gonna be tricky...
The htpasswd file stores the password in MD5/crypt/cleartext.
Q: shall we support any other then cleartext?
=> We cannot use any of these users for the monit cli program. We "have
to" transmit the base64 encoded cleartext pwd.
Solution 1: We do require at least one "system user credential" with
cleartext pwd in monitrc.
Solution 2: We do move to Digest Authorization (->HTTP/1.1)... a little
bit more complicated... it uses MD5 digests:
http://ftp.ics.uci.edu/pub/ietf/http/rfc2617.txt
Solution 3: We do only support htpasswd with cleantext pwds.
By now monit supports only one user credential.
Q: shall we support from now on more then one user?
Opinions?
CHopp
--
Christian Hopp email: address@hidden
Institut für Elektrische Informationstechnik fon: +49-5323-72-2113
TU Clausthal, Leibnizstr. 28, 38678 Clausthal-Zellerf. fax: +49-5323-72-3197
pgpkey: https://www.iei.tu-clausthal.de/pgp-keys/
- Features..., Christian Hopp, 2003/09/26
- Re: Features..., Jan-Henrik Haukeland, 2003/09/26
- htpasswd [Re: Features...],
Christian Hopp <=