Skip to main content
IBM  
Shop Support Downloads
IBM Home Products Consulting Industries News About IBM
IBM developerWorks : Security : Education - Tutorials
Securing your Web server		ZIPPDF (letter)PDF (A4)e-mail
Main menuSection menuFeedbackPreviousNext
3. User authentication
  


Creating the digest authentication password file page 8 of 12


The program used to create the digest password file is called htdigest, and is typically located in /usr/local/bin (this location can vary based on the installation layout used). The command syntax is as follows:


htdigest [-c] passwordfile realm user

The '-c' option is only required when the file is first created; you can drop it thereafter. Realm is an arbitrary name for the authentication group you wish to create. Using different realms allows the administrator to add different users to different realms and keep all authentication information in one file. Begin by creating a directory to contain the digest password file (for example, /home/httpd/digest):


[tom@janus httpd]$ mkdir digest
[tom@janus httpd]$ cd digest
[tom@janus digest]$ /usr/local/apache/bin/htdigest -c 
	authusers darksecrets tom
Adding password for user tom in realm darksecrets.
New password: illnevertell
Re-type password: illnevertell

The htdigest command shown above creates (-c) a new file called authusers and adds the user tom to the realm darksecrets.

Note that from a client perspective digest authentication can accept, in principle, a realm or a username. Support for this is extremely spotty, however, so unless something miraculous happens to browsers between now and when you read this, using a realm for authentication is not recommended.


Main menuSection menuFeedbackPreviousNext
Privacy Legal Contact