WEBVTT 00:00.260 --> 00:02.630 Welcome back to the Knowledge Portal Video series. 00:02.720 --> 00:09.650 In the last two lectures we discussed about the basics of the digest authentication, as well as how 00:09.650 --> 00:14.180 we can calculate the response based upon the various values. 00:15.560 --> 00:22.130 Today we will look into how we can actually implement digest authentication on a web server. 00:23.540 --> 00:32.510 Now digest authentication is not supported by Nginx, so we'll be using Apache in this case to have 00:32.510 --> 00:36.980 a digest authentication upon talking about the scenario. 00:39.410 --> 00:48.200 Let me open up the Internet Explorer and when I go to example.com slash admin here you see it is showing 00:48.200 --> 00:49.550 a secret admin page. 00:49.760 --> 00:57.140 So what our case study is that we have to protect this particular page, which is slash admin with a 00:57.140 --> 00:58.550 digest authentication. 00:59.150 --> 01:01.410 Now let's see on how we can do that. 01:04.260 --> 01:09.750 The very first thing that you have to do is you have to install Apache or just verify if you have Apache 01:09.750 --> 01:12.540 installed with RPM grep httpd. 01:19.860 --> 01:24.030 In my case, it is there also. 01:26.670 --> 01:30.600 Make sure that if you are having both Apache as well as Nginx. 01:30.800 --> 01:32.340 Nginx should be stopped. 01:32.460 --> 01:36.630 In my case I have both apache as well as nginx in single server. 01:37.050 --> 01:40.110 Nginx is stopped, however Apache is running. 01:42.470 --> 01:43.070 Great. 01:43.220 --> 01:50.690 So as you have done this, let's go to the Apache configuration and see on how we can have a digest 01:50.690 --> 01:51.530 based authentication. 01:51.530 --> 01:56.480 So I'll go to pass http rtc Httpd.conf. 01:58.700 --> 01:59.950 Httpd.conf. 02:01.090 --> 02:04.780 Now if i search for mod underscore auth. 02:04.780 --> 02:06.940 So these are the modules. 02:08.420 --> 02:15.020 If we look over here on the second module, the second module is related to mod underscore, auth underscore 02:15.020 --> 02:15.740 digest. 02:15.740 --> 02:19.640 So this module is used for digest based authentication. 02:20.030 --> 02:25.820 Make sure you have this particular module installed to verify. 02:25.820 --> 02:30.560 Just verify that you have this particular line in your Apache configuration. 02:32.990 --> 02:39.140 Let's go down and let's write our digest based authentication. 02:41.660 --> 02:42.460 Detectives. 02:43.100 --> 02:50.990 So the very first thing that you'll have to do over here is specify the location block location for, 02:51.020 --> 02:53.290 say, admin. 02:53.300 --> 02:58.880 So whatever I write below, this will be applicable for slash admin location. 03:01.280 --> 03:04.610 First important directive is auth type. 03:04.640 --> 03:09.080 There are two major auth types which is basic and digest. 03:09.110 --> 03:13.730 So as we're implementing digest authentication will write digest over here. 03:16.260 --> 03:18.210 Next come is the auth name. 03:19.260 --> 03:23.730 This is basically the name of the realm, so I'll say knowledge portal. 03:28.250 --> 03:41.660 Now I have to tell the digest module that if anyone comes to slash admin page, provide a username and 03:41.660 --> 03:47.150 password based login screen, so the auth digest domain will be slash admin. 03:47.150 --> 03:52.190 So that means if anyone comes to slash admin page, a username and password will be 03:54.710 --> 03:56.210 asked to the user. 03:58.570 --> 04:08.890 When this is done, let's say, or digest provider, I'll say file followed by the auth user file. 04:11.050 --> 04:17.560 So this is the location of the username and password which will be stored in a particular file. 04:17.740 --> 04:27.440 So I'll say e.t.c., let's put it in Http itself and let's name it digest underscore password, I'll 04:27.460 --> 04:28.160 say pwt. 04:29.440 --> 04:33.250 So this is the location where the username and password will be stored. 04:35.020 --> 04:36.970 And the last directive will be. 04:41.560 --> 04:44.410 And say required valid user. 04:44.500 --> 04:46.060 I hope this is correct. 04:46.450 --> 04:50.380 And to close a location block as well. 04:54.080 --> 05:00.590 So summarizing for slash admin, the auth type is digest. 05:00.620 --> 05:02.630 The realm is knowledge portal. 05:02.810 --> 05:10.430 The password and user are stored in this particular file, and whenever someone tries to access slash 05:10.430 --> 05:13.640 admin, he'll be provided with the login screen. 05:13.820 --> 05:19.310 So I'll save this and before we restart Apache we'll have to. 05:21.810 --> 05:26.190 Create a digest underscore BW file that we have defined. 05:26.340 --> 05:28.320 So in order to create. 05:28.350 --> 05:29.720 We'll use digest. 05:29.730 --> 05:33.000 So this is the command. 05:33.000 --> 05:41.820 So I'll say Digest C is followed, C is basically to create a new file. 05:41.820 --> 05:43.590 I say digest underscore. 05:46.250 --> 05:46.970 P.w.d.. 05:47.360 --> 05:51.920 So this is the file name followed by the Realm. 05:52.280 --> 05:54.410 So this is the realm. 05:55.250 --> 05:57.590 So our realm is knowledge portal. 05:57.740 --> 06:01.100 I'll say knowledge Portal and the username. 06:01.610 --> 06:03.920 Let's have username as admin. 06:03.950 --> 06:05.810 It will prompt for a password. 06:06.080 --> 06:13.730 I'll type in the password over here and if I do ls a digest underscore p.w.d. file is created. 06:13.820 --> 06:17.420 Let me restart the Apache. 06:19.440 --> 06:21.180 And it had failed due to some reason. 06:21.180 --> 06:25.320 So let's verify what we did wrong. 06:28.020 --> 06:29.130 Let's go down. 06:40.430 --> 06:43.340 And I think this is it. 06:46.280 --> 06:53.450 Okay, So now let's go back to the Internet Explorer and let's refresh the page. 06:53.460 --> 07:00.830 And now you'll see it is asking for the username and password and this time the authentication is based 07:00.830 --> 07:01.760 on digest. 07:02.660 --> 07:09.860 So I hope this has been informative for you and I would really urge you to try it once and do it for 07:09.860 --> 07:10.400 yourself. 07:10.820 --> 07:11.780 This is it. 07:11.780 --> 07:13.640 About this lecture. 07:13.640 --> 07:17.090 I hope this has been informative for you and I'd like to thank you for viewing.