basic_auth plain text password
mdounin at mdounin.ru
Fri Sep 10 14:15:28 MSD 2010
On Fri, Sep 10, 2010 at 10:02:24AM +0300, Darius Damalakas wrote:
> I am running nginx/0.8.50, and i am using "auth_basic" for basic
> authentication. Now what i have found so far is that it looks like
> nginx is treating the passwords as plain text. My basic idea is that
> Nginx does not encrypt the password that it gets with MD5 or any other
> algorithm, and simply checks password that is sent as plain text.
> is this true or am i missing something?
> I've found on google some mails in mailing lists that tell that this
> might not yet be implemented (can't find that URL now).
> And, by the way, OS is WinXP.
Windows has no crypt() function and only plain text passwords are
supported for now.
More information about the nginx