>>> [EMAIL PROTECTED] 01/19/00 11:57AM >>>
>The reason for doing this is, that I want my users to authenticate
>against apache through some module ( mod_auth_nds, actually,
>but it could be any auth module ) and by their authentication /
>authorization define, how ca use which Internet resources.
>I do not want their NDS password going over the net in plain text,
though.
If I understand what you're wanting, it's straightforward...
All you have to do is set it up so that the browser connects to your
server with HTTPS to get to the authorization-required pages. At that
point, both the request (including the username/password header) and the
response (the page itself) are encrypted.
Does that make sense? I can explain further...
--Cliff
Cliff Woolley
Central Systems Software Administrator
Washington and Lee University
http://www.wlu.edu/~jwoolley/
Work: (540) 463-8089
Pager: (540) 462-2303
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
