The next step in configuring Apache for digest authentication is to create an entry in httpd.conf to allow user tom to access the famed darksecrets realm.
User nobody
Group nobody
ServerName www.syroidmanor.com
ServerAdmin webmaster@syroidmanor.com
DocumentRoot /home/httpd/htdocs
ErrorLog /home/httpd/htdocs/logs/error_log
CustomLog /home/httpd/htdocs/logs/access_log custom
<VirtualHost 142.165.206.61>
ServerAdmin webmaster@syroidmanor.com
ServerName secret.syroidmanor.com
DocumentRoot /home/httpd/htdocs/test
ErrorLog /home/httpd/htdocs/test/logs/error_log
CustomLog /home/httpd/htdocs/test/logs/access_log custom
<Directory /home/httpd/htdocs/test>
AuthType Digest
AuthName darksecrets
AuthDigestFile /home/httpd/digest/authusers
require valid-user
</Directory>
</VirtualHost>
Note that a Directory block is used to encapsulate the authentication directives. The AuthType directive specifies the authentication type (Digest), AuthName names the realm, and AuthDigestFile points to the digest password file. The require directive is given valid-user; as an alternative, a list of usernames could be supplied.
Digest authentication provides a reasonably secure middle ground between authenticating users with clear-text passwords and a full-time encryption protocol like SSL. Unfortunately, digest authentication is dependent on browser support. The decision to authenticate users using digests should be based on whether or not you can control the browsers your clients use.
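The following is an added example, not part of the original text or of Apache itself: it shows what a line in the digest password file holds for user tom in realm darksecrets, and how a server can check a client's response from that stored value without the password crossing the wire. The password, nonce and URI are constructed sample values, the function names are hypothetical, and the response uses the basic RFC 2617 form without qop.

```python
import hashlib
import hmac

def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def digest_file_entry(user, realm, password):
    """One digest-file line: user:realm:MD5(user:realm:password)."""
    return "%s:%s:%s" % (user, realm, md5_hex("%s:%s:%s" % (user, realm, password)))

def lookup_ha1(file_text, user, realm):
    """Return the stored hash (HA1) for user in realm, or None."""
    for line in file_text.splitlines():
        parts = line.strip().split(":")
        if len(parts) == 3 and parts[0] == user and parts[1] == realm:
            return parts[2]
    return None

def expected_response(ha1, method, uri, nonce):
    """RFC 2617 response without qop: MD5(HA1:nonce:MD5(method:uri))."""
    return md5_hex("%s:%s:%s" % (ha1, nonce, md5_hex("%s:%s" % (method, uri))))

def client_response(user, realm, password, method, uri, nonce):
    """What the browser sends: derived from the password, never the password."""
    ha1 = md5_hex("%s:%s:%s" % (user, realm, password))
    return expected_response(ha1, method, uri, nonce)

def verify(file_text, user, realm, method, uri, nonce, response):
    """Server side: recompute from the stored HA1 and compare in constant time."""
    ha1 = lookup_ha1(file_text, user, realm)
    if ha1 is None:
        return False
    return hmac.compare_digest(expected_response(ha1, method, uri, nonce), response)

# Constructed sample data (assumptions, not values from the text).
SAMPLE_PASSWORD = "example-password"
NONCE = "constructed-nonce-0001"
URI = "/index.html"
AUTHUSERS = digest_file_entry("tom", "darksecrets", SAMPLE_PASSWORD) + "\n"

if __name__ == "__main__":
    good = client_response("tom", "darksecrets", SAMPLE_PASSWORD, "GET", URI, NONCE)
    print(AUTHUSERS.strip())
    print("correct password:", verify(AUTHUSERS, "tom", "darksecrets", "GET", URI, NONCE, good))
    # The same response is rejected once the server issues a different nonce.
    print("old response, new nonce:",
          verify(AUTHUSERS, "tom", "darksecrets", "GET", URI, "constructed-nonce-0002", good))
```

Because the response is computed from the stored hash rather than from the password, the digest file is password-equivalent for its realm and should sit outside the document root with restrictive permissions, as the /home/httpd/digest path in the configuration above does.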