A few weeks ago I wanted to enable digest authentication on an Apache 2.2 web server. I got basic authentication working within minutes, but I didn’t want to send plain text passwords over the web, so how difficult could it be?
I followed some tutorial on the net but despite following the instructions throughly, all I could get was an error message in my
Invalid command 'AuthDigestFile', perhaps misspelled or defined by a module not included in the server configuration
It turns out that the
AuthDigestFile configuration command from Apache 2.0 and earlier (see 1.3 docs or 2.2 docs) doesn’t work on Apache 2.2 anymore. In 2.2, you use
AuthUserFile, just like with basic authentication.
It’s all in mod_auth_digest’s documentation, including a nice, working example. It didn’t occur to me until late that the tutorial I had found on the net could have been outdated. Oh well.