<-
Apache > HTTP Server > Documentation > Version 2.4 > ¸ðµâ

¾ÆÆÄÄ¡ ¸ðµâ mod_auth_digest

°¡´ÉÇÑ ¾ð¾î:  en  |  fr  |  ko 

ÀÌ ¹®¼­´Â ÃÖ½ÅÆÇ ¹ø¿ªÀÌ ¾Æ´Õ´Ï´Ù. ÃÖ±Ù¿¡ º¯°æµÈ ³»¿ëÀº ¿µ¾î ¹®¼­¸¦ Âü°íÇϼ¼¿ä.
¼³¸í:MD5 Digest AuthenticationÀ» »ç¿ëÇÑ »ç¿ëÀÚÀÎÁõ.
»óÅÂ:Experimental
¸ðµâ¸í:auth_digest_module
¼Ò½ºÆÄÀÏ:mod_auth_digest.c

¿ä¾à

ÀÌ ¸ðµâÀº HTTP Digest AuthenticationÀ» ±¸ÇöÇÑ´Ù. ±×·¯³ª ¸¹Àº Å×½ºÆ®¸¦ °ÅÄ¡Áö ¾ÊÀº ½ÇÇèÀûÀÎ ¸ðµâÀÌ´Ù.

ÁÖÁ¦

Áö½Ã¾îµé

Bugfix checklist

Âü°í

top

Digest Authentication »ç¿ëÇϱâ

MD5 Digest authenticationÀº ¸Å¿ì ½±°Ô »ç¿ëÇÒ ¼ö ÀÖ´Ù. AuthType Basic°ú AuthBasicProvider ´ë½Å AuthType Digest¿Í AuthDigestProvider¸¦ »ç¿ëÇÏ¿© °£´ÜÈ÷ ÀÎÁõÀ» ¼³Á¤ÇÒ ¼ö ÀÖ´Ù. ±×¸®°í ÃÖ¼ÒÇÑ º¸È£ÇÏ·Á´Â ¿µ¿ªÀÇ ±âº» URIÀ» AuthDigestDomain Áö½Ã¾î¿¡ »ç¿ëÇÑ´Ù.

htdigest µµ±¸¸¦ »ç¿ëÇÏ¿© »ç¿ëÀÚ (¹®ÀÚ)ÆÄÀÏÀ» ¸¸µé ¼ö ÀÖ´Ù.

¿¹Á¦:

<Location /private/>
AuthType Digest
AuthName "private area"
AuthDigestDomain /private/ https://mirror.my.dom/private2/

AuthDigestProvider file
AuthUserFile /web/auth/.digest_pw
Require valid-user
</Location>

ÁÖÀÇ

Digest authenticationÀº Basic authenticationº¸´Ù ´õ ¾ÈÀüÇÏÁö¸¸, ºê¶ó¿ìÀú°¡ Áö¿øÇØ¾ß ÇÑ´Ù. 2002³â 11¿ù ÇöÀç digest authenticationÀ» Áö¿øÇÏ´Â ºê¶ó¿ìÀú¿¡´Â Amaya, Konqueror, (Windows¿ëÀº ÁúÀǹ®ÀÚ¿­°ú ÇÔ²² »ç¿ëÇÏ¸é ¾ÈµÇÁö¸¸ - ÇØ°á¹æ¹ýÀº ¾Æ·¡ "MS Internet Explorer ¹®Á¦ ÇØ°áÇϱâ"¸¦ Âü°í) Mac OS X¿Í Windows¿ë MS Internet Explorer, Mozilla, Netscape ¹öÀü 7, Opera, Safari µîÀÌ ÀÖ´Ù. lynx´Â digest authenticationÀ» Áö¿øÇÏÁö ¾Ê´Â´Ù. digest authenticationÀÌ basic authentication ¸¸Å­ ³Î¸® ±¸ÇöµÇÁö ¾Ê¾Ò±â¶§¹®¿¡ ¸ðµç »ç¿ëÀÚ°¡ Áö¿øÇÏ´Â ºê¶ó¿ìÀú¸¦ »ç¿ëÇÏ´Â °æ¿ì¿¡¸¸ »ç¿ëÇØ¾ß ÇÑ´Ù.

top

MS Internet Explorer ¹®Á¦ ÇØ°áÇϱâ

ÇöÀç Windows¿ë Internet Explorer´Â Digest authentication »ç¿ë½Ã ÁúÀǹ®ÀÚ¿­ÀÌ ÀÖ´Â GET ¿äûÀ» RFC¿Í ´Ù¸£°Ô ó¸®ÇÏ´Â ¹®Á¦°¡ ÀÖ´Ù. ¸î°¡Áö ¹æ¹ýÀ¸·Î ÀÌ ¹®Á¦¸¦ ÇØ°áÇÒ ¼ö ÀÖ´Ù.

ù¹ø°´Â ÇÁ·Î±×·¥¿¡ ÀڷḦ ³Ñ°ÜÁÖ±âÀ§ÇØ GET ´ë½Å POST ¿äûÀ» »ç¿ëÇÏ´Â ¹æ¹ýÀÌ´Ù. ÀÌ ¹æ¹ýÀÌ °¡´ÉÇÏ´Ù¸é °¡Àå °£´ÜÇÑ ÇØ°áÃ¥ÀÌ´Ù.

¶Ç, ¾ÆÆÄÄ¡ 2.0.51ºÎÅÍ AuthDigestEnableQueryStringHack ȯ°æº¯¼ö¸¦ Á¦°øÇÏ¿© ¹®Á¦¸¦ ÇØ°áÇÑ´Ù. ¿äû¿¡ AuthDigestEnableQueryStringHackÀ» ¼³Á¤ÇÏ¸é ¾ÆÆÄÄ¡´Â MSIE ¹ö±×¸¦ ÇÇÇØ°¥ Á¶Ä¡¸¦ ÃëÇÏ°í ¿äû URI¸¦ digest ºñ±³¿¡¼­ Á¦¿ÜÇÑ´Ù. ÀÌ ¹æ¹ýÀº ´ÙÀ½°ú °°ÀÌ »ç¿ëÇÑ´Ù.

MSIE¿¡¼­ Digest Authentication »ç¿ëÇϱâ:

BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On

¼±ÅÃÀûÀΠȯ°æº¯¼ö ¼³Á¤¿¡ ´ëÇÑ ÀÚ¼¼ÇÑ ³»¿ëÀº BrowserMatch Áö½Ã¾î¸¦ Âü°íÇ϶ó.

top

AuthDigestAlgorithm Áö½Ã¾î

¼³¸í:digest authentication¿¡¼­ challenge¿Í response hash¸¦ °è»êÇÏ´Â ¾Ë°í¸®ÁòÀ» ¼±ÅÃÇÑ´Ù
¹®¹ý:AuthDigestAlgorithm MD5|MD5-sess
±âº»°ª:AuthDigestAlgorithm MD5
»ç¿ëÀå¼Ò:directory, .htaccess
Override ¿É¼Ç:AuthConfig
»óÅÂ:Experimental
¸ðµâ:mod_auth_digest

AuthDigestAlgorithm Áö½Ã¾î´Â challenge¿Í response hash¸¦ °è»êÇÏ´Â ¾Ë°í¸®ÁòÀ» ¼±ÅÃÇÑ´Ù.

MD5-sess´Â ¾ÆÁ÷ ¿ÏÀüÈ÷ ±¸ÇöµÇÁö ¾Ê¾Ò´Ù.
top

AuthDigestDomain Áö½Ã¾î

¼³¸í:digest authentication¿¡¼­ °°Àº º¸È£¿µ¿ª¿¡ ¼ÓÇÏ´Â URIµé
¹®¹ý:AuthDigestDomain URI [URI] ...
»ç¿ëÀå¼Ò:directory, .htaccess
Override ¿É¼Ç:AuthConfig
»óÅÂ:Experimental
¸ðµâ:mod_auth_digest

AuthDigestDomain Áö½Ã¾î´Â °°Àº º¸È£¿µ¿ª¿¡ ÀÖ´Â (¿¹¸¦ µé¾î °°Àº ¿µ¿ª°ú »ç¿ëÀÚ¸í/¾ÏÈ£ Á¤º¸¸¦ »ç¿ëÇÏ´Â) URIµéÀ» ÁöÁ¤ÇÑ´Ù. ÁöÁ¤ÇÑ URI´Â Á¢µÎ»ç·Î »ç¿ëÇÑ´Ù. Ŭ¶óÀ̾ðÆ®´Â URI "¾Æ·¡" ¸ðµÎ¸¦ °°Àº »ç¿ëÀÚ¸í/¾ÏÈ£·Î º¸È£ÇÑ´Ù°í °¡Á¤ÇÑ´Ù. URI´Â (Áï, ½ºÅ´(scheme), È£½ºÆ®, Æ÷Æ® µîÀ» Æ÷ÇÔÇÏ´Â) Àý´ë URLÀ̰ųª »ó´ë URIÀÌ´Ù.

ÀÌ Áö½Ã¾î´Â Ç×»ó ÁöÁ¤ÇØ¾ß Çϸç, ÃÖ¼ÒÇÑ ¿µ¿ªµéÀÇ ±âº» URI(µé)¸¦ Æ÷ÇÔÇØ¾ß ÇÑ´Ù. »ý·«Çϸé Ŭ¶óÀ̾ðÆ®´Â ÀÌ ¼­¹ö·Î º¸³»´Â ¸ðµç ¿äû¿¡ Authorization Çì´õ¸¦ Æ÷ÇÔÇÑ´Ù. ±×·¯¸é ¿äûÀÇ Å©±â°¡ Ä¿Áö¸ç, AuthDigestNcCheck¸¦ »ç¿ëÇÑ´Ù¸é ¼º´É¿¡ ³ª»Û ¿µÇâÀ» ÁÙ ¼ö ÀÖ´Ù.

´Ù¸¥ ¼­¹öÀÇ URI¸¦ ÁöÁ¤Çϸé, (À̸¦ ÀÌÇØÇÏ´Â) Ŭ¶óÀ̾ðÆ®´Â ¿©·¯ ¼­¹ö¸¶´Ù ¸Å¹ø »ç¿ëÀÚ¿¡°Ô ¹¯Áö¾Ê°í °°Àº »ç¿ëÀÚ¸í/¾ÏÈ£¸¦ »ç¿ëÇÒ ¼ö ÀÖ´Ù.

top

AuthDigestNonceLifetime Áö½Ã¾î

¼³¸í:¼­¹ö nonce°¡ À¯È¿ÇÑ ±â°£
¹®¹ý:AuthDigestNonceLifetime seconds
±âº»°ª:AuthDigestNonceLifetime 300
»ç¿ëÀå¼Ò:directory, .htaccess
Override ¿É¼Ç:AuthConfig
»óÅÂ:Experimental
¸ðµâ:mod_auth_digest

AuthDigestNonceLifetime Áö½Ã¾î´Â ¼­¹ö nonce°¡ À¯È¿ÇÑ ±â°£À» Á¶ÀýÇÑ´Ù. Ŭ¶óÀ̾ðÆ®°¡ ¸¸±âµÈ nonce¸¦ °¡Áö°í ¼­¹ö¿¡ Á¢±ÙÇÏ¸é ¼­¹ö´Â stale=true¿Í ÇÔ²² 401À» ¹ÝȯÇÑ´Ù. seconds°¡ 0º¸´Ù Å©¸é nonce°¡ À¯È¿ÇÑ ±â°£À» ÁöÁ¤ÇÑ´Ù. ¾Æ¸¶µµ 10 Ãʺ¸´Ù ÀÛ°Ô ¼³Á¤ÇÏ¸é ¾ÈµÈ´Ù. seconds°¡ 0º¸´Ù ÀÛÀ¸¸é nonce´Â ¿µ¿øÈ÷ ¸¸±âµÇÁö ¾Ê´Â´Ù.

top

AuthDigestProvider Áö½Ã¾î

¼³¸í:ÀÌ À§Ä¡¿¡ ´ëÇÑ ÀÎÁõÁ¦°øÀÚ¸¦ ÁöÁ¤ÇÑ´Ù
¹®¹ý:AuthDigestProvider On|Off|provider-name [provider-name] ...
±âº»°ª:AuthDigestProvider On
»ç¿ëÀå¼Ò:directory, .htaccess
Override ¿É¼Ç:AuthConfig
»óÅÂ:Experimental
¸ðµâ:mod_auth_digest

AuthDigestProvider Áö½Ã¾î´Â ÀÌ À§Ä¡¿¡¼­ »ç¿ëÀÚ¸¦ ÀÎÁõÇÒ Á¦°øÀÚ¸¦ ÁöÁ¤ÇÑ´Ù. °ªÀÌ OnÀÌ¸é ±âº»Á¦°øÀÚ(file)¸¦ »ç¿ëÇÑ´Ù. mod_authn_file ¸ðµâÀÌ file Á¦°øÀÚ¸¦ ±¸ÇöÇϱ⶧¹®¿¡ ¼­¹ö¿¡ ÀÌ ¸ðµâÀÌ ÀÖ´ÂÁö È®ÀÎÇØ¾ß ÇÑ´Ù.

Á¦°øÀÚ´Â mod_authn_dbm°ú mod_authn_fileÀ» Âü°íÇ϶ó.

°ªÀÌ OffÀ̸é Á¦°øÀÚ ¸ñ·ÏÀ» Áö¿ì°í ±âº»»óÅ·Πµ¹¾Æ°£´Ù.

top

AuthDigestQop Áö½Ã¾î

¼³¸í:digest authentication°¡ »ç¿ëÇÒ º¸È£¼öÁØ(quality-of-protection)À» ÁöÁ¤ÇÑ´Ù.
¹®¹ý:AuthDigestQop none|auth|auth-int [auth|auth-int]
±âº»°ª:AuthDigestQop auth
»ç¿ëÀå¼Ò:directory, .htaccess
Override ¿É¼Ç:AuthConfig
»óÅÂ:Experimental
¸ðµâ:mod_auth_digest

AuthDigestQop Áö½Ã¾î´Â º¸È£¼öÁØ(quality-of-protection)À» ÁöÁ¤ÇÑ´Ù. auth´Â (»ç¿ëÀÚ¸í/¾ÏÈ£) ÀÎÁõ¸¸ ÇÏ°í, auth-int´Â ÀÎÁõ°ú ¿Ï°á¼º °Ë»ç¸¦ (MD5 Çؽ¬µµ °è»êÇÏ¿© °Ë»çÇÑ´Ù) ÇÑ´Ù. noneÀº (¿Ï°á¼º °Ë»ç¸¦ ÇÏÁö¾Ê´Â) ¿À·¡µÈ RFC-2069 digest ¾Ë°í¸®ÁòÀ» »ç¿ëÇÑ´Ù. auth¿Í auth-int¸¦ ¸ðµÎ ÁöÁ¤ÇÒ ¼ö ÀÖ´Ù. ÀÌ °æ¿ì ºê¶ó¿ìÀú´Â ¾î¶² °ÍÀ» »ç¿ëÇÒÁö ¼±ÅÃÇÑ´Ù. ºê¶ó¿ìÀú°¡ ¾î´ø ÀÌÀ¯¿¡¼­°Ç challenge¸¦ ÁÁ¾ÆÇÏÁö ¾Ê´Â´Ù¸é noneÀ» »ç¿ëÇØ¾ß ÇÑ´Ù.

auth-int´Â ¾ÆÁ÷ ±¸ÇöµÇÁö ¾Ê¾Ò´Ù.
top

AuthDigestShmemSize Áö½Ã¾î

¼³¸í:Ŭ¶óÀ̾ðÆ®¸¦ ÃßÀûÇϱâÀ§ÇØ ÇÒ´çÇÏ´Â °øÀ¯¸Þ¸ð¸®·®
¹®¹ý:AuthDigestShmemSize size
±âº»°ª:AuthDigestShmemSize 1000
»ç¿ëÀå¼Ò:ÁÖ¼­¹ö¼³Á¤
»óÅÂ:Experimental
¸ðµâ:mod_auth_digest

AuthDigestShmemSize Áö½Ã¾î´Â Ŭ¶óÀ̾ðÆ®¸¦ ÃßÀûÇϱâÀ§ÇØ ¼­¹ö°¡ ½ÃÀÛÇÒ¶§ ÇÒ´çÇÏ´Â °øÀ¯¸Þ¸ð¸®·®À» Á¤ÀÇÇÑ´Ù. °øÀ¯¸Þ¸ð¸®´Â ÃÖ¼ÒÇÑ ÇϳªÀÇ Å¬¶óÀ̾ðÆ®¸¦ ÃßÀûÇϱâÀ§ÇØ ÇÊ¿äÇÑ °ø°£º¸´Ù ÀÛÀ» ¼ö ¾øÀ½À» ÁÖÀÇÇ϶ó. ÀÌ °ªÀº ½Ã½ºÅÛ¿¡ µû¶ó ´Ù¸£´Ù. Á¤È®ÇÑ °ªÀ» ¾Ë·Á¸é AuthDigestShmemSize¸¦ 0À¸·Î ¼³Á¤ÇÏ°í ¼­¹ö¸¦ ½ÃÀÛÇÑÈÄ ¿À·ù¹®À» Âü°íÇ϶ó.

size´Â º¸Åë ¹ÙÀÌÆ® ´ÜÀ§ÀÌÁö¸¸, µÚ¿¡ K³ª MÀ» »ç¿ëÇÏ¿© KBytes³ª MBytes¸¦ ³ªÅ¸³¾ ¼ö ÀÖ´Ù. ¿¹¸¦ µé¾î, ´ÙÀ½ Áö½Ã¾îµéÀº ¸ðµÎ °°´Ù:

AuthDigestShmemSize 1048576
AuthDigestShmemSize 1024K
AuthDigestShmemSize 1M

°¡´ÉÇÑ ¾ð¾î:  en  |  fr  |  ko 

top

Comments

Notice:
This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.