httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Wilson <and...@www.elsevier.co.uk>
Subject Re: Logging users of protected resources...
Date Wed, 29 Mar 1995 14:00:21 GMT
Brian:
> > 3)	Does anyone run any form of .htaccess protection on files that they
> > 	include into their documents?
> > 
> > As it stands the logfile is pretty useless for user tracking when the site also
> > makes heavy use of <!--#include file="foo" -->.  I think it's important that
> > 0.4 carries a useful fix, and I can patch it up if people want.
> 
> Yes, we use this extensively (more for included CGI scripts that must 
> know who the REMOTE_USER is).

Understood.  Suppose than you have a set of cgi-bin scripts that provide
access to a set of related files held in some other part of the server's
space.  In one scenario I can think of (one I'm using) you'd have identical
.htaccess files in the /cgi-bin/ directory and in the /related-files/ directory.
Does this sound ok so far?

Ok, so is there any likelyhood that these two htaccess files would be
different?  Would a user need to enter a uid/pwd pair to access the
/related-files/ which was different to the one needed to access the /cgi-bin/
scripts?  I'd say not, but are you using the htaccess system in a different way?

I've put a NEW VERSION of the B00042 in incoming, called *gasp*:

	B00042-patch.correct_user_logging.v2

which records the 'user' entry in the log file properly.  It supercedes the

	B00042-patch.correct_user_logging

patch.  I goofed in version 1, it's not been a good week.

Cheers,
Ay.

     Andrew Wilson	     URL: http://www.cm.cf.ac.uk/User/Andrew.Wilson/
Elsevier Science, Oxford   Office: +44 0865 843155     Mobile: +44 0589 616144


Mime
View raw message