httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From C...@PROCESS.COM (Rodent of Unusual Size)
Subject Re: denying access without challenging?
Date Thu, 01 Jan 1970 00:00:00 GMT
>From the fingers of Dean Gaudet flowed the following:
>
>On Tue, 25 Nov 1997, Michael Smith wrote:
>
>> It is possible in apache to deny access to users without actually
>> prompting them for a username/password.
>
>No.  There's no magic way for the browser to divine that it's really being
>used by a valid-user except for it to ask the user for their password. 

    Unless, of course, you can do it at a lower level using
    nondiscretionary controls - like IP addresses.  But if you need to
    involve discretionary controls like usernames and passwords, Dean's
    right.

    #ken    P-)}

Mime
View raw message