Hi, thanks for answering. Can you please tell me why it is better to manipulate the password file directly rather than calling htdigest or htpasswd? thanks.
Marta ---------------------------------------- De: "Joshua Slive" <[EMAIL PROTECTED]> Enviado: lunes, 28 de abril de 2008 17:46 Para: users@httpd.apache.org, [EMAIL PROTECTED] Asunto: Re: [EMAIL PROTECTED] htdigest On Mon, Apr 28, 2008 at 3:28 AM, Marta Gros Marín wrote: > > Hi, > > I need my web server to be secure, so I have activated SSL and also have > different users with password, depending on the files they can see. > For those users I'm using auth method Digest, and want to manage them from > the web server (add/modify and delete them). > But I can't find how to delete an user with htdigest (like htpasswd -D user) > or add/modify an user taking the password from the command line rather than > prompting for it (like htpasswd -b user password). > Can anyone please help me? is that possible with htdigest? if it's not, then > is it secure manage users having auth method basic with SSL? I wouldn't really recommend calling htdigest or htpasswd from a CGI script, as you appear to be doing. You should write a script that manipulates the password file directly. There is some guidance here: http://httpd.apache.org/docs/trunk/misc/password_encryptions.html#digest Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
