[nycphp-talk] NEW PHundamentals Question - HTTP Authentication
George Schlossnagle
george at omniti.com
Fri Oct 22 17:50:11 EDT 2004
On Oct 22, 2004, at 5:49 PM, David Mintz wrote:
>
> <<When is it a good time (and bad time) to use HTTP Authentication?>>
>
> I would say:
>
> (1) Plain old http authentication, using a flat file for password
> storage,
> is ok if you don't expect much traffic and/or if you're file is small.
> Otherwise, it's too inefficient for Apache to scan that whole thing on
> every request.
There's no reason to use a flatfile. Anyone who's serious about using
HTTP Auth at least uses a DBM. No arguments with points 2 and 3. :)
George
More information about the talk
mailing list