What is the realtionship between HTTP Basic Auth and .htpasswd based Authentication?

Question

There are several approachs of the HTTP authentication: Basic Authentication, Digest Access Authentication, NTLM HTTP Authentication (any other ones)?

On the other side there is a .htaccess & .htpasswd based authenticazion on Apache web servers and an analog variant with the .htpasswd on nginx.

I want to understand: What is the .htpasswd based authentication on Apache and nginx actually. What is the realtionship between it and the HTTP Basic Authentication? Is it something like "implementation" of the concept? If yes, whuch other implementation are there?

The Basic HTTP Authentication uses a simle user:password schema.

Answer 1

There are only two standard HTTP authentication methods: Basic access authentication (part of HTTP/1.0 spec, RFC1945) and Digest access authentication (latest according to RFC2617).

.htpasswd is just a common name for a file of Apache's flat-file format used to store user credentials. It is managed by either htpasswd (basic) or htdigest (digest) command-line utilities. nginx just doesn't reinvent the wheel and uses Apache's established format. For example, on Debian there's apache2-utils with the two aforementioned utilities (and some others), so you can install utilities separately from the server.

.htaccess is just Apache's ad hoc per-directory way override configuration.