wiki:BookmarksProject/Authentication

Version 2 (modified by peter, 8 years ago) (diff)

as of [116/bookmarks], the digest_key is generated automatically if not present in the server.yml; added config reference section

Bookmarks Project: Authentication

You can configure authentication for all non-GET requests by adding the following to your server.yml config file:

auth: 1
htdigest: /path/to/htdigest/file
# default realm is "Bookmarks"; uncomment and change if you want to use something different
#realm: Bookmarks

The htdigest file can be created using the htdigest utility:

$ htdigest -c /path/to/htdigest/file Bookmarks user

The htdigest utility comes with the Apache webserver, or in the apache2-utils package if you don't have the full Apache and don't want to install it. The realm you use in the digest file must match the realm configuration setting ("Bookmarks" by default). See the Apache docs for more info.

Configuration Setting Reference

auth
Set to a true value to enable authentication on non-GET requests.
htdigest
Path to the htdigest credentials file. Relative paths are interpreted relative to the server_root location. Required if auth is set.
digest_key
(Optional) Secret used during digest authentication. If not provided, one is generated at server startup using Bytes::Random::Secure.