Thanks. > By the way, I don't think digest authentication is useful in case we > want to protect some web contents from local users or other person's > CGI.
i noticed httpdigest proto has been added to factotum. one of the suggestions in the old thread was for each user to run its own httpd. combining this with a change to the 'who' handler to redirect a ~user request to the user's httpd (port↔user mapping) should do it. each user's own httpd (probably with ssl) then challenges all incoming requests against his/her own factotum which would have a server side secret for httpdigest proto. > http://plan9.aichi-u.ac.jp/pegasus/eman-2.0/ > http://plan9.aichi-u.ac.jp/pegasus/eman-2.1/ I was able to look at 2.0 version but not 2.1.
