Thomas,
You have a couple of options.
First is to use calls to htpasswd()
system("$apacheroot/bin/htpasswd", "-b", "/path/to/passwordfile",
"username", "password")
The second, which is more efficient than starting a htpasswd process, is
to use perl's crypt(), create a password, and then append it to your
password file.
It's my understanding, that if your form starts in HTTPS, you can use
basic auth and SSL will protect that along with the rest of your data.
regards,
--
Cody Sherr
Engineer
Covalent Technologies
phone: (415)536-5292
email: [EMAIL PROTECTED]
On Wed, 15 Aug 2001, Thomas Bach wrote:
> Hello list
>
> it's now the fifth time i went looking to find sth on the web, but i didn't
> find anything. So perhaps it could be a little bit ot, sorry for that.
>
> I'm running a project using apache (mod_perl/mod_ssl/mySQL) on Linux for
> which i would change the authetication mechanism to mod_auth_digest, and
> i've the following questions:
>
> is the digest-authentication really necessary, when using mod_ssl, or would
> a basic-authetication be enough?
> For the moment i'm using a authentication over a form with session-cookies.
> Perhaps it is secure enough if i expand it (make it unpossible, to make a
> bot trying every cookie-value, and so on ...)?
>
> i have created a browser-front-end for the user-management. How is it
> possible to add/delete over Perl a new user/passwort to the digest-pw-file?
> I tryed it with open(), system(), ... but without any success.
>
> Thank you for every hint or URL ;oP
>
> Thomas Bach
>
>
> <><><><><><><><>
> think karo...
> bkaro.net
>
>
