Return-Path: 
 <users-return-66099-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-users-archive@www.apache.org
Received: (qmail 4764 invoked from network); 25 Aug 2006 13:48:23 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur.apache.org with SMTP; 25 Aug 2006 13:48:23 -0000
Received: (qmail 34380 invoked by uid 500); 25 Aug 2006 13:48:15 -0000
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 34156 invoked by uid 500); 25 Aug 2006 13:48:14 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
List-Post: <mailto:users@httpd.apache.org>
List-Id: <users.httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 34145 invoked by uid 99); 25 Aug 2006 13:48:14 -0000
Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 25 Aug 2006 06:48:14 -0700
X-ASF-Spam-Status: No, hits=1.4 required=10.0
	tests=DNS_FROM_RFC_ABUSE,HTML_10_20,HTML_MESSAGE,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (asf.osuosl.org: domain of steve.j.swift@gmail.com
 designates 64.233.184.237 as permitted sender)
Received: from [64.233.184.237] (HELO wr-out-0506.google.com) (64.233.184.237)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 25 Aug 2006 06:48:13 -0700
Received: by wr-out-0506.google.com with SMTP id i32so11152wra
        for <users@httpd.apache.org>; Fri, 25 Aug 2006 06:47:52 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:to:subject:mime-version:content-type;
        b=twkePIl/QrQmA0fPaUjKKJYlNRXL/ArkXmn1ZAHyl7QZkkNix0Jc1lPYoDgGpKN/IsjoANhF76qtb0b3xBGy42w58dvxD2sBQz9CIWpT4Swsa4fmLNVpGlI/gdhuJEnlNx3wgZdPSOhwUMRr9oYOuVjnDen5PlReFKImTD/JQxY=
Received: by 10.90.105.19 with SMTP id d19mr557968agc;
        Fri, 25 Aug 2006 06:47:52 -0700 (PDT)
Received: by 10.90.96.14 with HTTP; Fri, 25 Aug 2006 06:47:47 -0700 (PDT)
Message-ID: <dbd3c1650608250647y34989253m97cf29d41ca2a050@mail.gmail.com>
Date: Fri, 25 Aug 2006 14:47:47 +0100
From: "Steve Swift" <steve.j.swift@gmail.com>
To: users@httpd.apache.org
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_Part_7746_23659758.1156513667560"
X-Virus-Checked: Checked by ClamAV on apache.org
Subject: [users@httpd] Order of checks
X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N

------=_Part_7746_23659758.1156513667560
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

We have two apache webservers running release 2.0.57
On one of them, if we ask for a non-existent script from a protected
directory we get the 404 Not Found response without a prompt for username
and password.
On the other one, we get prompted for username and password and when we get
those right we get the 404 Not Found response.

The behaviour of the first server seems wrong, but why is it checking for
"Not Found" before "Not Authorised"?

-- 
Steve Swift
http://www.swiftys.org.uk

------=_Part_7746_23659758.1156513667560
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

We have two apache webservers running release 2.0.57<br>On one of them, if we ask for a non-existent script from a protected directory we get the 404 Not Found response without a prompt for username and password.<br>On the other one, we get prompted for username and password and when we get those right we get the 404 Not Found response.
<br><br>The behaviour of the first server seems wrong, but why is it checking for &quot;Not Found&quot; before &quot;Not Authorised&quot;?<br clear="all"><br>-- <br>Steve Swift<br><a href="http://www.swiftys.org.uk">http://www.swiftys.org.uk
</a>

------=_Part_7746_23659758.1156513667560--