jagerzhang commented on issue #7140: URL: https://github.com/apache/apisix/issues/7140#issuecomment-1138326971
> What's the user info used in digest auth? And is there any standard for the digest auth? 可以看看这几篇文章: https://en.wikipedia.org/wiki/Digest_access_authentication https://www.cnblogs.com/xiaoxiaotank/p/11078571.html https://www.cnblogs.com/xiaoxiaotank/p/11079024.html digest auth 可以理解为 Basic Auth的一个升级版,主要是解决Basic Auth鉴权使用静态头部认证带来的安全问题。在Basic Auth方式下,APISIX只需要往后端注入一个Basic Base64静态头部就能完成认证: 比如:  但是Digest则无法在网关这里静态完成,需要写一个往后端服务的认证逻辑才行实现。 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
