Melanie Pfefer wrote:
hi,
Is there a way to avoid putting the user password in clear text?
AuthType Basic
AuthName "internal users"
AuthLDAPBindDN "uk-siroe-com\user"
AuthLDAPBindPassword "password"
I don't really know the answer, but does it matter ?
1) the httpd.conf should only be readable by root
2) unless I am mistaken, this user-id/password is only used to "bind"
(aka log into) the LDAP system in order to look up a real user's id/pw.
So it could be a special account that has very little capabilities.
3) there might even exist a way to do an "anonymous bind", if the
purpose is just to verify a user-id later.
Specialists correct me if I'm wrong.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
