Reputation: 19600
What is realm in htdigest?
htdigest needs the following parameters:
Usage: htdigest [-c] passwordfile realm username
What is the realm for? What value should I use to setup htdigest?
Upvotes: 7
Views: 10005
Answers (3)
Reputation: 2101
Anyway, realm denotes authentication domain for challenge-response. In the case of digest authentication realm value participates in the password hash, that why it is required when storing password files.
See https://www.rfc-editor.org/rfc/rfc2617#section-3.2.1 for details.
Upvotes: 6
Reputation: 1239
When creating passwords with htdigest, 'realm' needs to match the 'AuthName' directive in your Apache config.
e.g., if your config for digest contains this:
AuthName abc1234xyz
then the htdigest command to create users will look like this:
htdigest /path/to/digestfile abc1234xyz username
Upvotes: 0
Reputation: 41
Usually the realm is the same that the authname in your .htaccess as it will be displayed at prompt for login and password
i.e:
<Location /prived/>
AuthName "Prived zone"
AuthType Digest
AuthUserFile /var/www/authfile/priveduser
AuthGroupFile /var/www/authfile/privedgroup
AuthDigestDomain /prived/ /protect/
Require group valid-users
</Location>
htdigest -c /var/www/authfile/priveduser "Prived zone" titi
Upvotes: 4
Related Questions
- What is the exact uses of REALM term in security?
- What does OAuth 1.0 realm stand for?
- What is 'realm' in TURN server?
- What is the purpose of the realm method in AuthorizationServerSecurityConfigurer?
- What's the meaning of Realm in spring security
- What is a realm?
- Realm definition in security
- Deeper understanding about how Realm works?
- Understanding the purpose of "realm" in Basic WWW Authentication
- Challenge for realm in HttpUnit