Sun Java System Web Server 7.0 Update 4 Administrator's Guide

Managing WebDAV Authentication Databases

From the administration console, click WebDAV tab from the selected configuration to edit WebDAV authentication database settings. The following table provides a short description of each field in the page:

Table 10–2 WebDAV Authentication Database Properties



Authentication Database

Authentication Database lets you select a database the server will use to authenticate users.

The default is keyfile

Authentication Method

  • Basic — uses the HTTP Basic method to obtain authentication information from the client. The username and password are only encrypted over the network if SSL is turned on for the server.

  • SSL — uses the client certificate to authenticate the user. To use this method, SSL must be turned on for the server. When encryption is on, you can combine Basic and SSL methods.

  • Digest — uses an authentication mechanism that provides a way for a browser to authenticate based on username and password without sending the username and password as clear text. The browser uses the MD5 algorithm to create a digest value using the user’s password and some information provided by the Web Server. Note that in order to use Digest the underlying auth-db must support digest as well. This means either a File auth-db using digestfile or an LDAP auth-db only if the Digest Authentication Plug-in has been installed

  • Other — uses a custom method created using the access control API.

Authentication Prompt Text

Prompt for Authentication option enables you to enter message text that appears in the authentication dialog box. You can use this text to describe what the user needs to enter. Depending on the browser, the user will see about the first 40 characters of the prompt.

Web browsers typically cache the username and password, and associate them with the prompt text. When the user accesses files and directories of the server having the same prompt, the usernames and passwords won’t need to be entered again. If you want users to authenticate again for specific files and directories, you simply need to change the prompt for the ACL on that resource.