From mboxrd@z Thu Jan  1 00:00:00 1970
Message-ID: <4facb2393a46606846e128883e9cc8b5@9netics.com>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] httpd/magic and authentication
Date: Fri, 26 May 2006 20:04:30 -0700
From: Skip Tavakkolian <9nut@9netics.com>
In-Reply-To: <7B631065-3011-46F2-A04D-B68C0F86B0A0@ar.aichi-u.ac.jp>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Topicbox-Message-UUID: 5564029c-ead1-11e9-9d60-3106f5b1d025

Thanks.

> By the way, I don't think digest authentication is useful in case we =20
> want to protect some web contents from local users or other person's =20
> CGI.

i noticed httpdigest proto has been added to factotum.  one of the
suggestions in the old thread was for each user to run its own httpd.
combining this with a change to the 'who' handler to redirect a ~user
request to the user's httpd (port=E2=86=94user mapping) should do it.  ea=
ch
user's own httpd (probably with ssl) then challenges all incoming
requests against his/her own factotum which would have a server side
secret for httpdigest proto.

> http://plan9.aichi-u.ac.jp/pegasus/eman-2.0/
> http://plan9.aichi-u.ac.jp/pegasus/eman-2.1/

I was able to look at 2.0 version but not 2.1.