> On 10/23/07, anon6565 hushmail.com <anon6565 hushmail.com> wrote:
> > AuthName directive: "This directive sets the name of the
> > authorization realm for a directory. This realm is given to the
> > client so that the user knows which username and password to send."
> >
> > I know how AuthName works in practice, but can someone please
> > explain what an "authorization realm" is? I take it it is not the
> > same as a directory?
On 23.10.07 12:56, Joshua Slive wrote:
> The realm is the area on the server that is accessible under a given
> set of credentials. In practice, it is usually a specific directory
> and its subdirectories. But the same realm name may be used for
> multiple independent directories, and the browser should supply the
> appropriate username/password without reprompting the user if it knows
> them for that realm. For security reasons (to prevent stealing
> passwords), a realm cannot span multiple hostnames.
Note that when you use different access rights (in subdirectories or
different paths), you must use different realms. Otherwise, the browser
(and the user) may get confused that once it can get to the area, once
not.

OTOH, when using the same privileges in more directories within the same
server, you may use the same realms.

So, when you have a webserver with some public (unprotected) data, more
(protected) applications, each in a different subdirectory, and an admin
area under each of them, where all applications have the same userlist
(e.g. valid_user with the same user database) and each admin area the
same list/group of admins, you can use one realm for applications and
one realm for admin areas.
--
Matus UHLAR - fantomas, uhlar fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Warning: I do NOT want to receive any advertising mail at this address.
Depression is merely anger without enthusiasm.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe httpd.apache.org
   "   from the digest: users-digest-unsubscribe httpd.apache.org
For additional commands, e-mail: users-help httpd.apache.org
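
The layout described in the reply above, written out as an httpd configuration. This is an added example, not part of the original thread; the directory paths, password and group file locations, realm names and the "admins" group are all assumptions.

```apache
# Constructed example: two applications share one realm, and their admin
# areas share a second realm. Public data gets no auth directives, so no
# realm applies to it.
# Basic auth sends credentials base64-encoded, not encrypted, so these
# paths should only be served over TLS.

# Same user database and same privileges in both applications:
# one realm, so the browser reuses the credentials without reprompting.
<Directory "/var/www/html/app1">
    AuthType Basic
    AuthName "Applications"
    AuthUserFile "/etc/httpd/auth/users.htpasswd"
    Require valid-user
</Directory>

<Directory "/var/www/html/app2">
    AuthType Basic
    AuthName "Applications"
    AuthUserFile "/etc/httpd/auth/users.htpasswd"
    Require valid-user
</Directory>

# Admin areas have different access rights (group members only), so they
# get a different realm name. Reusing "Applications" here would make the
# browser resend credentials that work in one place and fail in the other.
<Directory "/var/www/html/app1/admin">
    AuthType Basic
    AuthName "Application Admin"
    AuthUserFile "/etc/httpd/auth/users.htpasswd"
    AuthGroupFile "/etc/httpd/auth/groups"
    Require group admins
</Directory>

<Directory "/var/www/html/app2/admin">
    AuthType Basic
    AuthName "Application Admin"
    AuthUserFile "/etc/httpd/auth/users.htpasswd"
    AuthGroupFile "/etc/httpd/auth/groups"
    Require group admins
</Directory>
```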