httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Milan Andric <mand...@eecs.berkeley.edu>
Subject Re: [users@httpd] ordering of LoadModule directives matters with SSLRequireSSL
Date Fri, 23 Jul 2004 22:55:47 GMT
On Fri, Jul 23, 2004 at 03:53:11PM -0700, Milan Andric wrote:
> On Thu, Jul 22, 2004 at 10:42:09PM -0400, Joshua Slive wrote:
> > On Thu, 22 Jul 2004 14:18:42 -0700, Milan Andric
> > <mandric@eecs.berkeley.edu> wrote:
> > > Hello, I just wanted to report that SSLRequireSSL doesn't work as advertised
in
> > > the mod_ssl documentation unless you LoadModule mod_ssl before other auth
> > > modules.  To my surprise (or ignorance) mod_auth_ldap was filtering(?) requests
> > > before mod_ssl in the case of an http request.  So mod_ssl never got a chance
> > > to deny the request?  Anyway, I just wanted to document this or announce my
> > > insanity.  Either way, hopefully will benefit someone else who might be in
the
> > > same boat.
> > 
> > I assume you're talking about Apache 1.3 here.  In Apache 2.0, the
> > module ordering is specified by the modules and doesn't depend on
> > LoadModule/Addmodule.
> 
> No, I was talking about Apache 2.0.  I couldn't get SSLRequireSSL to work until
> i moved LoadModule mod_ssl line to the top of the LoadModule directives. I could
> do further testing ... since it sounds like you think it's impossible.

err, "unlikely" rather ...
--
Milana

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message