The password is not a parameter of the apache configuration.

diff --git a/bin/tdyndns_auth_simplepwd b/bin/tdyndns_auth_simplepwd
index 0f88cc5e069c12af5eb8315585cf3a4f28c8a0c4..133f1cacaa52d72a854c4765b920e2f8fb425bad 100755 (executable)
--- a/bin/tdyndns_auth_simplepwd
+++ b/bin/tdyndns_auth_simplepwd
@@ -5,15 +5,9 @@ http://code.google.com/p/mod-auth-external/
 
 It makes sure that the given user name exists at the system
 (with a UID > 1000) and that the password corresponds to
-a specific one given in this file.
+the password that is provided by the AuthExternalContext
+directive in the apache configuration.
 """
-
-# Configuration
-PASSWORD = 'hygCithOrs5'
-
-
-# ------------------------------------------------------------
-
 import os
 import pwd
 import sys
@@ -21,6 +15,7 @@ import sys
 # Get provided username and password
 username = os.environ.get('USER')
 password = os.environ.get('PASS')
+valid_password = os.environ.get('CONTEXT')
 
 
 # We want to have a existing user ...
@@ -36,7 +31,7 @@ if user_info.pw_uid < 1000:
 
 
 # ... and the password has to be as given above
-if password != PASSWORD:
+if password != valid_password:
        sys.exit(1)
 
 

diff --git a/doc/apache2.txt b/doc/apache2.txt
index 79563e249d1e0fe72780f970c5d108d574b151db..feffbd2ce29c4564e550bc4cc5f68b01e8972299 100644 (file)
--- a/doc/apache2.txt
+++ b/doc/apache2.txt
@@ -38,7 +38,8 @@
 
 As an example for an non-standard authorization method, we provided the script
 tdyndns_auth_simplepwd that just checks whether the user is present in the
-system and whether a certain password is given:
+system and whether a certain password is given (supplied via "AuthExternalContext"
+below):
 
 <VirtualHost *:80>
   ServerName dyndns.example.com
@@ -59,6 +60,7 @@ system and whether a certain password is given:
       AuthType Basic
       AuthBasicProvider external
       AuthExternal tdyndnsauth
+      AuthExternalContext hygCithOrs5
       AuthName "tdyndns authorization"
       Require valid-user
   </Directory>