httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@worldgate.com>
Subject Re: Something broke on the way to 1.3 ...
Date Fri, 27 Mar 1998 18:27:14 GMT
On Fri, 27 Mar 1998, sameer wrote:

> 	In all seriousness I think that the 1.3 behavior is correct
> and the 1.2 beehavior is broken. I wish I could think of some way for
> you to do what you want to do though. Perhaps the master of rewriting
> (Dean?) will have some insight.

Neither behaviour is correct.  There are... issues when considering
exactly what sort of access control should be applied to such requests.
In this case, the concept would be that you should figure out if it is a
proxy request from the client or an internal mumble and handle it
accordingly.

Also consider the case where there is an access restriction stopping
outside people from using the proxy, but you still want them to be able to
use ProxyPass things, etc.

> 
> > Just upgraded most of our servers from 1.2.6 to 1.3b6-dev.  This went
> > smoothly with just one little  exception.  To try to cut a long
> > httpd.conf short I had something like the following
> > 
> > ProxyPass /proxy/foo http://foo/
> > <Location ~ "/register|/admin">
> >   require valid-user
> > </Location>
> > 
> > A user asking for
> > 
> > /proxy/foo/register
> > 
> > would need to authenticate themself before the proxy request took
> > place.  This all worked fine!
> > 
> > Under 1.3 however, a user asking for the same URL gets a 407 (Proxy
> > authentication required) error - which the browser (Communicator in this
> > case) doesn't take to mean that it should pop up a username/password
> > box.  Hence the request never gets to the proxy server
> > 
> > I'm not sure what behaviour is "correct", but figured it was worth
> > reporting.
> > 
> > Mike
> > 
> > 
> 
> 
> -- 
> Sameer Parekh					Voice:   510-986-8770
> President					FAX:     510-986-8777
> C2Net
> http://www.c2.net/				sameer@c2.net
> 


Mime
View raw message