DevHeads.net

Postings by Phil Endecott

Best practice for mod_authn_dbd + postgresql; really SHA1?

Dear Experts,

I'm trying to determine the best way to implement Apache
authentication using mod_authn_dbd and PostgrSQL; my starting
point has been this documentation:

<a href="https://httpd.apache.org/docs/2.4/mod/mod_authn_dbd.html" title="https://httpd.apache.org/docs/2.4/mod/mod_authn_dbd.html">https://httpd.apache.org/docs/2.4/mod/mod_authn_dbd.html</a>
<a href="https://httpd.apache.org/docs/2.4/misc/password_encryptions.html" title="https://httpd.apache.org/docs/2.4/misc/password_encryptions.html">https://httpd.apache.org/docs/2.4/misc/password_encryptions.html</a>
<a href="https://www.postgresql.org/docs/9.6/static/pgcrypto.html" title="https://www.postgresql.org/docs/9.6/static/pgcrypto.html">https://www.postgresql.org/docs/9.6/static/pgcrypto.html</a> (F.25.2)

It looks like my choices are:

1: Do the crypto in PostgreSQL.