httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@algroup.co.uk>
Subject Re: [PATCH] Send right type of "auth required"
Date Sun, 12 Dec 1999 20:38:13 GMT
Martin Kraemer wrote:
> 
> On Sat, Dec 04, 1999 at 05:05:19PM +0000, Ben Laurie wrote:
> > When mod_proxy is configured to do a ProxyPass but the location requires
> > auth, the error code is erroneously converted to "proxy auth required".
> > Here's a patch to fix that. Comments?
> 
> I think this solves the request situation you described. It also
> makes it more clear in what state the proxy engine is.

OK, I'll commit soon.

> Another proxy authorization problem remains, however:
> It does not fix the case where a proxy server further up in the
> proxy chain requires proxy authentication. We pass the 407 back
> to the client, but when she re-requests with a proxy-auth header,
> we strip it out (being a proxy) because we assume it's for us,
> and as we don't want to pass auth info to the origin server. We
> should only do that if we really know it was us who required
> the proxy authorization.

Yep, but I don't have a test case so I'm not going to fix it.

Cheers,

Ben.

--
SECURE HOSTING AT THE BUNKER! http://www.thebunker.net/hosting.htm

http://www.apache-ssl.org/ben.html

"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
     - Indira Gandhi

Mime
View raw message