I could, but since shttpd already has the core functionality, then why
configure shttpd to do it. One less service to install & maintain, and for all
practical purposes this should be doable if I can get the right headers.
Found this wiki on digest authentication.
http://en.wikipedia.org/wiki/Digest_access_authentication since my posting,
which is very helpful.
So I figure this is a reasonable how-to guide,
- I set the nonce to an appropriate random number
- Realm is defined by shttpd config file, as well as username
password.
- The md5 stuff is already built into shttpd, and there are numerous
md5 snippets for any programming environment you could want.
- Once I authenticate, I can let shttpd tell the other program what
port number it should use for the cgi that will come next (I THINK)
So is this the right path, am I missing anything, advice – if you say bad, bad
idea don’t do it, then you’ll talk me out. But I’d sure like to have something
simple and elegant.
From: Sergey Lyubka [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 19, 2008 4:49 PM
To: David Lethe
Cc: [email protected]
Subject: Re: [shttpd-general] How to structure HTML to automate SSL
authentication remote agent with daemon script
Would it make more sence to delegate authentication to other service, that does
it well? Remote daemon would just pass credentials in some HTTP header, shttpd
then would ask the service to authenticate the daemon, and then process the
request?
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
shttpd-general mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shttpd-general
