Digest authentication with Apache

This article is in continuation with previous and talks about setting up digest authentication with Apache.

There are few changes compared to the steps for Basic authentication.

1. Generating the password file for digest auth.

htdigest -c digest.txt secret prash

digest.txt is the password file, secret - the realm and prash is the username.

2. Create htaccess.acl under c:\wamp\www\digest-auth\ with following data

AuthUserFile C:\wamp\bin\apache\Apache2.2.11\bin\digest.txt
AuthName "Protected by Digest auth"
AuthType Digest
AuthDigestProvider file

<Limit GET POST>
require valid-user
</Limit>

‘AuthDigestProvider file’ is an additional property that needs to be mentioned for proper working of digest authentication.

3. And, last but not the least. Enable auth_digest_module by un-commenting the following line if its already commented in httpd.conf.

LoadModule auth_digest_module modules/mod_auth_digest.so

Reference : http://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html