httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jos...@slive.ca>
Subject Re: [users@httpd] proxypassreverse redirection
Date Mon, 13 Feb 2006 13:51:13 GMT
On 2/13/06, Frederick, Fabian <Fabian.Frederick@prov-liege.be> wrote:
> This method works but I'd like to avoid access _only_ without authentification :
> http://site returns 401 with www-auth
>
> ... But I'm surprised http://user:password@site works in 2 phases :
>
>         1.Server returns 401 (why?)
>         2.Account is logged; server returns 302
>
> How can I recognize http://site from the second http://user:password@site ? Is it possible
from cgi to check complete url ?

The http://user:password@site thing is completely non-standard and
doesn't work at all in most browsers, as far as I know.  So how it
works in your particular case would depend on the browser's actions,
not the servers.  Obviously your browser is not sending the
credentials until after it receives a 401, which is the standard way
to do things in general, but is a little strange given that the
browser knows the credentials.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message