httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Smith <...@iii.co.uk>
Subject Re: denying access without challenging?
Date Tue, 25 Nov 1997 18:57:57 GMT
I'm not sure I have explained what I'd like to do as clearly as I could have done!
I don't appear to be very good at that side of things sometimes :-(

I would expect the user to be challenged, and maybe the server would accept the
challenge but still not let them see the page.  Hmm, the more I think about it the
more complicated it becomes ...

it'd be lsomething ike this

Page 1
require valid-user
link to Page 2

Page 2
require group gp

Such that the users who can see page 2 (those in group gp) are a subset of those
who can see page 1.  I guess what I want to see is somthing like

Page 2
require valid-user
if (! group gp) print_up_some_other_page

if you get my meaning.

Hope we're talking about doing the same sort of thing here.

Mike

Dean Gaudet wrote:

> REMOTE_USER is set by the authentication code.  i.e. you can't divine its
> value unless the user has been challenged.
>
> Dean




Mime
View raw message