{"id":60,"date":"2007-08-12T22:54:34","date_gmt":"2007-08-12T14:54:34","guid":{"rendered":"http:\/\/broso.twbbs.org\/blojsom\/blog\/default\/ITTech\/Apache\/?permalink=Apache-Basic-Digest-Realm-Authentication.html"},"modified":"2007-08-12T22:54:34","modified_gmt":"2007-08-12T14:54:34","slug":"apache-basic-digest-realm-authentication","status":"publish","type":"post","link":"https:\/\/cychien.tw\/wordpress\/2007\/08\/12\/apache-basic-digest-realm-authentication\/","title":{"rendered":"Apache Basic \/ Digest Realm Authentication"},"content":{"rendered":"

\u6700\u8fd1\u60f3\u91dd\u5c0d Broso \u7279\u5b9a\u7cfb\u7d71\u7d71\u8a08\u529f\u80fd\u505a\u8eab\u4efd\u6aa2\u6838\u7684\u52d5\u4f5c\uff0c\u65bc\u662f\u7a0d\u5fae\u7814\u7a76\u4e86\u4e00\u4e0b\u91dd\u5c0d HTTP \u5354\u5b9a\u4e2d\u6709\u95dc\u65bc\u8eab\u4efd\u9a57\u8b49\u7684\u6a5f\u5236\u3002
\nHTTP \u5354\u5b9a\u91dd\u5c0d\u8eab\u4efd\u9a57\u8b49\u5206\u5169\u7a2e\u6a21\u5f0f\uff0cBasic Realm \/ Digest Realm\u3002Basic Realm \u50c5\u5c07\u5e33\u865f\u5bc6\u78bc\u7528\u6a19\u6e96 BASE64 \u4f86\u505a\u7de8\u78bc\u5f8c\uff0c\u4e0a\u9001\u7d66 Web Server \u4f86\u9a57\u8b49\uff0c\u6240\u4ee5\u6709\u5fc3\u4eba\u5176\u5be6\u53ef\u4ee5\u900f\u904e Sniffer \u4e4b\u985e\u7684\u8edf\u9ad4\u4f86\u9032\u884c\u5074\u9304\uff0c\u518d\u7528 BASE64 \u89e3\u78bc\u5373\u53ef\u5f97\u77e5\u5e33\u865f\u5bc6\u78bc\u3002<\/p>\n\nDigest Realm \u5247\u662f\u70ba\u4e86\u89e3\u6c7a\u4e0a\u8ff0 Basic Realm \u7684\u7f3a\u9ede\uff0c\u63a1\u7528\u4e00\u822c Unix \u5132\u5b58\/\u9a57\u8b49\u5bc6\u78bc\u7684\u65b9\u5f0f\uff0c\u6bcf\u6b21\u700f\u89bd\u5668\u8981\u6c42\u9023\u7dda\uff0cWeb Server \u6703\u56de\u8986\u4e00\u7d44\u96a8\u6a5f\u7522\u751f\u7684 nonce value\u3002\u700f\u89bd\u5668\u5247\u5c07\u5e33\u865f\/\u5bc6\u78bc\/nonce\/GET(or POST)\u4ee5\u53ca URI \u7b49\u53c3\u6578\uff0c\u4f9d\u6307\u5b9a\u7684 hash function \u505a\u6210\u8a0a\u606f\u6458\u8981( Digest)\uff0c\u518d\u5c07 Digest \u4e0a\u50b3\u5230 WebServer \u9a57\u8b49\uff0c\u5982\u6b64\u4e00\u4f86\u4e0a\u9001\u7684 Digest \u6bcf\u6b21\u7686\u6703\u4e0d\u540c\uff0c\u85c9\u4ee5\u907f\u514d\u88ab\u6709\u5fc3\u4eba\u58eb\u6240\u5074\u9304\u3002<\/p>\n\n\u4ee5\u4e0a\u53ef\u53c3\u8003 RFC 2617 – HTTP Authentication: Basic and Digest Access Authentication<\/a><\/p>\n\n

Apache \u5df2\u7d93\u5be6\u4f5c\u4e0a\u8ff0\u5169\u7a2e\u6a5f\u5236\uff0cmod_auth \u6a21\u7d44\u50c5\u652f\u63f4 Basic Realm\u3002\u800c mod_auth_digest \u5247\u662f\u652f\u63f4 Digest Realm\u3002\u4e0d\u904e\u5982\u679c Apache \u662f\u6293\u9810\u5148\u7de8\u8b6f\u597d\u7684\u7684 binary\uff0c\u6216\u662f\u7de8\u8b6f\u6642\u672a\u7279\u5225\u6307\u5b9a\uff0c\u90a3\u9ebc\u9810\u8a2d\u662f\u4e0d\u5305\u542b mod_auth_digest \u6a21\u7d44\u3002<\/p>\n\n

\u6b65\u9a5f\u4e00\uff1a\u91cd\u65b0\u7de8\u8b6f APACHE.<\/p>\n\n\u7531\u65bc\u6211\u5148\u524d\u7684 Apache 2.0.55 \u4e26\u672a\u7279\u5225\u6307\u660e\u8981\u555f\u7528 mod_auth_digest\uff0c\u65bc\u662f\u6211\u91cd\u65b0\u4e0b\u8f09 Apache 2.0.59 \u56de\u4f86\u91cd\u65b0\u7de8\u8b6f\u3002
\n\u57f7\u884c configure \u6307\u4ee4\u5982\u4e0b<\/p>\n\n.\/configure –enable-auth-digest –prefix=<APACHE_INSTALL_DIR><\/p>\n\n\u5982\u6b64\u7de8\u8b6f\u6642\u5c31\u6703\u81ea\u52d5\u5c07 mod_auth_digest \u52a0\u5165\u3002\u63a5\u8457\u4f5c make, make install \u5c31\u5b8c\u6210\u4e86\u3002<\/p>\n\n\u6b65\u9a5f\u4e8c\uff1a\u7522\u751f Digest \u5e33\u865f\u5bc6\u78bc\u6a94<\/p>\n\n\u63a5\u4e0b\u4f86\u5148\u7522\u751f\u4e00\u7d44\u5e33\u865f\u5bc6\u78bc\u8a2d\u5b9a\u6a94\uff0c\u6bcf\u7d44\u5e33\u865f\u5bc6\u78bc\u90fd\u9700\u91dd\u5c0d\u7279\u5b9a\u7684 realm \u7368\u7acb\u8a2d\u5b9a\u3002\u9700\u4f7f\u7528 <APACHE_INSTALL_DIR>\/bin\/htdigest \u6307\u4ee4\u4f86\u7522\u751f\u5bc6\u78bc\u6a94\u3002
\n\u6307\u4ee4\u683c\u5f0f<\/p>\n\n<APACHE_INSTALL_DIR>\/bin\/htdigest -c <path>\/<digest_password_file_name> <realm name> <user id><\/p>\n\n

-c \u4ee3\u8868\u8981\u7522\u751f\u4e00\u500b\u65b0\u7684\u5bc6\u78bc\u6a94\uff0c\u5982\u679c\u6a94\u540d\u5df2\u7d93\u5b58\u5728\uff0c\u5c31\u6703\u88ab\u8986\u84cb\u3002\u6240\u4ee5\u5982\u679c\u60f3\u7e7c\u7e8c\u589e\u52a0\u65b0\u7684\u5e33\u865f\u5bc6\u78bc\uff0c\u5c31\u7121\u9808\u52a0\u4e0a -c \u5373\u53ef
\n\u5f8c\u9762\u63a5\u4e0a\u5bc6\u78bc\u6a94\u7684\u8def\u5f91\u8207\u6a94\u540d\uff0c\u4ee5\u53ca\u8981\u6aa2\u6838\u5bc6\u78bc\u7684 “\u9818\u57df(realm)” (\u610f\u6307\u700f\u89bd\u5668 popup \u8996\u7a97\uff0c\u63d0\u793a\u8f38\u5165\u5e33\u865f\u5bc6\u78bc\u6642\uff0c\u4e0a\u9762\u986f\u793a\u7684\u540d\u7a31)\uff0c\u6700\u5f8c\u662f\u5e33\u865f\u540d\u7a31
\n\u4e4b\u5f8c htdigest \u6703\u8a62\u554f\u5169\u6b21\u5bc6\u78bc\u5f8c\u5c31\u5b8c\u6210\u5efa\u7acb\u5bc6\u78bc\u6a94\u3002<\/p>\n\n\u4f8b\u5982\uff1a\u6211\u8981\u91dd\u5c0d \/mymrtg \u8207 \/awstats \u5169\u500b\u76ee\u9304\u9032\u884c\u8eab\u4efd\u6aa2\u6838\uff0c\u5c31\u9700\u91dd\u5c0d\u9019\u5169\u500b\u9818\u57df\u4f86\u5efa\u7acb\u5e33\u865f\u5bc6\u78bc<\/p>\n\nhtdigest -c <somewhere>\/digestpasswd “MYMRTG” <user_id>
\nhtdigest <somewhere>\/digestpasswd “AWSTATS” <user_id><\/p>\n\n\u5c46\u6642\u700f\u89bd\u5668\u63d0\u793a\u5e33\u865f\u5bc6\u78bc\u8f38\u5165\u6642\uff0c\u5c31\u6703\u986f\u793a\u76ee\u524d\u8981\u60a8\u8f38\u5165\u7684\u9818\u57df\u662f MYMRTG \u6216\u662f AWSTATS<\/p>\n\n

\u6b65\u9a5f\u4e09\uff1a\u8abf\u6574 httpd.conf<\/p>\n\n\u91dd\u5c0d\u6bcf\u500b\u8981\u4f5c\u8eab\u4efd\u6aa2\u6838\u7684\u7684\u9818\u57df\u4f5c\u8a2d\u5b9a<\/p>\n\n<Directory “<somewhere>\/mymrtg”>
\n   AuthType Digest \u2192 \u6307\u5b9a\u4f7f\u7528 Digest Realm Authentication
\n   AuthName “MYMRTG” \u2192 \u6307\u5b9a\u9818\u57df\u540d\u7a31
\n   AuthDigestFile <somewhere>\/<digest_password_file_name> \u2192 \u6307\u5b9a\u5e33\u865f\u5bc6\u78bc\u6a94\u8def\u5f91\u8207\u6a94\u540d
\n   Require user <allowed user id> \u2192 \u9019\u88e1\u6307\u5b9a\u5141\u8a31\u4f7f\u7528\u7684 user id<\/p>\n\n   …
\n   …
\n<\/Directory><\/p>\n\n\u8a2d\u5b9a\u5b8c\u7562\u91cd\u8d77 Apache \u5373\u53ef<\/p>\n\n","protected":false},"excerpt":{"rendered":"

\u6700\u8fd1\u60f3\u91dd\u5c0d Broso \u7279\u5b9a\u7cfb\u7d71\u7d71\u8a08\u529f\u80fd\u505a\u8eab\u4efd\u6aa2\u6838\u7684\u52d5\u4f5c\uff0c\u65bc\u662f\u7a0d\u5fae\u7814\u7a76\u4e86\u4e00\u4e0b\u91dd\u5c0d HTTP \u5354\u5b9a\u4e2d\u6709\u95dc\u65bc\u8eab\u4efd\u9a57 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14],"tags":[],"class_list":["post-60","post","type-post","status-publish","format-standard","hentry","category-ittechapache"],"_links":{"self":[{"href":"https:\/\/cychien.tw\/wordpress\/wp-json\/wp\/v2\/posts\/60","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cychien.tw\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cychien.tw\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cychien.tw\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cychien.tw\/wordpress\/wp-json\/wp\/v2\/comments?post=60"}],"version-history":[{"count":0,"href":"https:\/\/cychien.tw\/wordpress\/wp-json\/wp\/v2\/posts\/60\/revisions"}],"wp:attachment":[{"href":"https:\/\/cychien.tw\/wordpress\/wp-json\/wp\/v2\/media?parent=60"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cychien.tw\/wordpress\/wp-json\/wp\/v2\/categories?post=60"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cychien.tw\/wordpress\/wp-json\/wp\/v2\/tags?post=60"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}