Mailing List CGatePro@mail.stalker.com Message #100676
From: Wiley Sanders <wsanders@wsanders.net>
Subject: Re: "Can do everything" rights and external authentication
Date: Tue, 14 Sep 2010 09:08:43 -0700
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>
> I guess in
> your case you have the digest authentication enabled in HTTPA so the
> browser you use to connect to WebAdmin tries to use it. But the problem
> is that this secure authentication method requires that CGPro has access
> to plain ext (unencrypted and not hashed) version of the password ...

Thanks Dmitry, that is exactly the case. One thing is, now that I look
at it, I have "advertise digest" enabled for HTTPU as well as HTTPA
but the users have reported no problems. However, as far as I can
tell, all the HTTPU skins now handle authentication "internally"
rather than using basic or digest authentication, so the effect was
not noticed in userland.

I'm going to exit my browser to unauthenticate my HTTPA session and
test this, thanks....
-W Sanders
 St Marys College of CA
 http://wsanders.net
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster