summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
Diffstat (limited to 'doc')
-rw-r--r--doc/httpauthd.conf.511
1 files changed, 10 insertions, 1 deletions
diff --git a/doc/httpauthd.conf.5 b/doc/httpauthd.conf.5
index 8d967c3..bae1d2d 100644
--- a/doc/httpauthd.conf.5
+++ b/doc/httpauthd.conf.5
@@ -148,6 +148,14 @@ How this exactly works depends on the method it applies to.
[ Default:
.Em 900
]
+.It Cd DigestIgnoreMethod
+When set to
+.Em True
+allows the HTTP method value in
+.Em Digest
+authentication to be mismatched with the actual request. This opens
+up a variety of replay attacks, but is useful for pass-through
+authentication (eg: a website using a SOAP service).
.It Cd DigestIgnoreNC
When set to
.Em True
@@ -164,7 +172,8 @@ When set to
allows the URI value in
.Em Digest
authentication to be mismatched with the URI requested. This opens up
-a variety of replay attacks, but may be necessary in some cases.
+a variety of replay attacks, but is useful for pass-through
+authentication (eg: a website using a SOAP service).
.Pp
[ Default:
.Em False