httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew White <>
Subject [users@httpd] AuthZ POST content and multiple handlers
Date Fri, 22 Sep 2006 14:19:00 GMT
I am attempting to authorize post content (SOAP methods) against ACLs,
but once the authorize handler grabs the HTTP body, the other handlers
can't process the content. 

A work around is to proxy the request to a local virtual host to handle
the request AFTER it has been authorized, but then the SSL/TLS
information is lost. Also, this means that anyone on that box can bypass
the authorizer by simply calling the proxied virtual host. 

I would like to do everything in a single pass so I can keep the SSL
info and make it harder for local apps to bypass ACLs.

Any ideas?

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message