httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Graham Leggett <>
Subject Re: RequireAll: seems to evaluate require lines unnecessarily
Date Sun, 05 Aug 2012 21:52:33 GMT
On 05 Aug 2012, at 10:39 PM, Stefan Fritsch wrote:

>>> This works as designed. Authentication will only be triggered if the
>>> end result depends on a valid user being present. The reason is to
>>> avoid a password dialogue if the access will be denied anyway.
>> This breaks basic authentication though, because basic auth relies on that initial
401 Unauthorized to tell the client that a password is required. In this case, access would
have been approved, not denied, but the client never got the opportunity to try log in as
it was forbidden from the outset.
>> Right now, I cannot get aaa to work in either a browser or in the webdav client for
MacOSX with two require lines. In both cases, the user is forbidden immediately with no opportunity
to log in.
> You mean you can't get "Require expr" to work. All other providers should work ok. Or
do you have an example that does not involve "Require expr"?

Most specifically, as per my original mail, I can't get the following to work:

     Require valid-user
     Require expr %{note:mod_userdir_user} == %{REMOTE_USER}

Can you clarify what is special about the expr specifically that triggers forbidden instead
of unauthorized?

Perhaps this is a bug inside the expr code.


View raw message