the server unencrypted. This method should therefore not be used for
highly sensitive data, unless accompanied by <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code>.
Apache supports one other authentication method:
- <code>AuthType Digest</code>. This method is implemented by <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code> and is much more secure. Most recent
- browsers support Digest authentication.</p>
+ <code>AuthType Digest</code>. This method is implemented by <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code> and was intended to be more secure. This is no
+ longer the case and the connection should be encrypted with <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> instead.</p>
<p>The <code class="directive"><a href="../mod/core.html#authname">AuthName</a></code> directive sets
the <dfn>Realm</dfn> to be used in the authentication. The realm serves
<a href="../ko/howto/auth.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
<a href="../tr/howto/auth.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p>
</div>
+<div class="outofdate">Cette traduction peut être périmée. Vérifiez la version
+ anglaise pour les changements récents.</div>
<p>L'authentification est un processus qui vous permet de vérifier
qu'une personne est bien celle qu'elle prétend être. L'autorisation
<a href="../ko/howto/auth.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
<a href="../tr/howto/auth.html" title="Türkçe"> tr </a></p>
</div>
+<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div>
<p>Kimlik Doğrulama istediğiniz kişileri teyid etme işlemidir.
Yetkilendirme ise kişilerin nereye gireceklerine ve hangi bilgiye
<?xml version="1.0" encoding="ISO-8859-1" ?>
<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.fr.xsl"?>
-<!-- English Revision : 1426995 -->
+<!-- English Revision: 1426995:1555566 (outdated) -->
<!-- French translation : Lucien GENTIS -->
<!-- Reviewed by : Vincent Deffontaines -->
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.ja.xsl"?>
-<!-- English Revision: 219484:1426995 (outdated) -->
+<!-- English Revision: 219484:1555566 (outdated) -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
<?xml version='1.0' encoding='EUC-KR' ?>
<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.ko.xsl"?>
-<!-- English Revision: 105989:1426995 (outdated) -->
+<!-- English Revision: 105989:1555566 (outdated) -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
<variants>
<variant>en</variant>
- <variant>fr</variant>
+ <variant outdated="yes">fr</variant>
<variant outdated="yes">ja</variant>
<variant outdated="yes">ko</variant>
- <variant>tr</variant>
+ <variant outdated="yes">tr</variant>
</variants>
</metafile>
<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.tr.xsl"?>
-<!-- English Revision: 1426995 -->
+<!-- English Revision: 1426995:1555566 (outdated) -->
<!-- =====================================================
Translated by: Umut Samuk <umut belgeler.org>
Reviewed by: Nilgün Belma Bugüner <nilgun belgeler.org>
<a href="../ja/mod/mod_auth_basic.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
<a href="../ko/mod/mod_auth_basic.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
</div>
-<div class="outofdate">Cette traduction peut être périmée. Vérifiez la version
- anglaise pour les changements récents.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Authentification de base</td></tr>
<tr><th><a href="module-dict.html#Status">Statut:</a></th><td>Base</td></tr>
<tr><th><a href="module-dict.html#ModuleIdentifier">Identificateur de Module:</a></th><td>auth_basic_module</td></tr>
<variants>
<variant>en</variant>
- <variant outdated="yes">fr</variant>
+ <variant>fr</variant>
<variant outdated="yes">ja</variant>
<variant outdated="yes">ko</variant>
</variants>
<p>This module implements HTTP Digest Authentication
(<a href="http://www.faqs.org/rfcs/rfc2617.html">RFC2617</a>), and
- provides a more secure alternative to <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>.</p>
+ provides an alternative to <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> where the
+ password is not transmitted as cleartext. However, this does
+ <strong>not</strong> lead to a significant security advantage over
+ basic authentication. On the other hand, the password storage on the
+ server is much less secure with digest authentication than with
+ basic authentication. Therefore, using basic auth and encrypting the
+ whole connection using <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> is a much better
+ alternative.</p>
</div>
<div id="quickview"><h3 class="directives">Directives</h3>
<ul id="toc">
</code></p></div>
<div class="note"><h3>Note</h3>
- <p>Digest authentication is more secure than Basic authentication,
- but only works with supporting browsers. As of this writing (December
- 2012) all major browsers support digest authentication.</p>
+ <p>Digest authentication was intended to be more secure than basic
+ authentication, but no longer fulfills that design goal. A
+ man-in-the-middle attacker can trivially force the browser to downgrade
+ to basic authentication. And even a passive eavesdropper can brute-force
+ the password using today's graphics hardware, because the hashing
+ algorithm used by digest authentication is too fast. Another problem is
+ that the storage of the passwords on the server is insecure. The contents
+ of a stolen htdigest file can be used directly for digest authentication.
+ Therefore using <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> to encrypt the whole connection is
+ strongly recommended.</p>
</div>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<a href="../fr/mod/mod_auth_digest.html" title="Français"> fr </a> |
<a href="../ko/mod/mod_auth_digest.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
</div>
+<div class="outofdate">Cette traduction peut être périmée. Vérifiez la version
+ anglaise pour les changements récents.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Authentification utilisateur utilisant les condensés
MD5.</td></tr>
<tr><th><a href="module-dict.html#Status">Statut:</a></th><td>Extension</td></tr>
<?xml version="1.0"?>
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.fr.xsl"?>
-<!-- English Revision : 1415962 -->
+<!-- English Revision: 1415962:1555566 (outdated) -->
<!-- French translation : Lucien GENTIS -->
<!-- Reviewed by : Vincent Deffontaines -->
<?xml version="1.0" encoding="EUC-KR" ?>
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.ko.xsl"?>
-<!-- English Revision: 105989:1415962 (outdated) -->
+<!-- English Revision: 105989:1555566 (outdated) -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
<variants>
<variant>en</variant>
- <variant>fr</variant>
+ <variant outdated="yes">fr</variant>
<variant outdated="yes">ko</variant>
</variants>
</metafile>
<a href="../ko/mod/mod_autoindex.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
<a href="../tr/mod/mod_autoindex.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p>
</div>
-<div class="outofdate">Cette traduction peut être périmée. Vérifiez la version
- anglaise pour les changements récents.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Génère automatiquement des index de répertoires d'une
manière similaire à la commande Unix <code>ls</code>, ou à la commande
shell Win32 <code>dir</code></td></tr>
<a href="../ko/mod/mod_autoindex.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
<a href="../tr/mod/mod_autoindex.html" title="Türkçe"> tr </a></p>
</div>
-<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Açıklama:</a></th><td>Unix <code>ls</code> veya Win32 <code>dir</code> kabuk komutunun
yaptığı gibi dizin içeriğini listeler.</td></tr>
<tr><th><a href="module-dict.html#Status">Durum:</a></th><td>Temel</td></tr>
<variants>
<variant>en</variant>
- <variant outdated="yes">fr</variant>
+ <variant>fr</variant>
<variant outdated="yes">ja</variant>
<variant outdated="yes">ko</variant>
- <variant outdated="yes">tr</variant>
+ <variant>tr</variant>
</variants>
</metafile>
subrequest to do the check, so use it with care -
it can impact your server's performance!</li>
- <li>'<strong>-U</strong>' (is existing URL, via
+ <li><p>'<strong>-U</strong>' (is existing URL, via
subrequest)<br />
Checks whether or not <em>TestString</em> is a valid URL,
accessible via all the server's currently-configured
access controls for that path. This uses an internal
subrequest to do the check, so use it with care -
- it can impact your server's performance!</li>
+ it can impact your server's performance!</p>
+ <p> This flag <em>only</em> returns information about things
+ like access control, authentication, and authorization. This flag
+ <em>does not</em> return information about the status code the
+ configured handler (static file, CGI, proxy, etc.) would have
+ returned.</p> </li>
</ul>
<div class="note"><h3>Note:</h3>
utiliser avec précautions car les performances du serveur
peuvent s'en trouver affectées !</li>
- <li>'<strong>-U</strong>' (yesy de l'existence d'une URL
+ <li><p>'<strong>-U</strong>' (test de l'existence d'une URL
via une sous-requête)<br />
Vérifie si <em>chaîne de test</em> est une URL valide,
accessible à travers tous les contrôles d'accès du serveur
actuellement configurés pour ce chemin. C'est une
sous-requête interne qui effectue cette vérification - à
utiliser avec précautions car les performances du serveur
- peuvent s'en trouver affectées !</li>
+ peuvent s'en trouver affectées !</p>
+ <p>Ce drapeau ne renvoie <em>que</em> des informations
+ concernant le contrôle d'accès, l'authentification et
+ l'autorisation. Il ne renvoie <em>pas</em> d'informations
+ concernant le code d'état que le gestionnaire configuré
+ (static file, CGI, proxy, etc...) aurait, quant à lui,
+ retourné.</p></li>
</ul>
<div class="note"><h3>Note :</h3>
projects / thirdparty / apache / httpd.git / commitdiff
