Return-Path: 
 <users-return-77367-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-users-archive@www.apache.org
Received: (qmail 75448 invoked from network); 21 Nov 2007 17:52:43 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 21 Nov 2007 17:52:43 -0000
Received: (qmail 83777 invoked by uid 500); 21 Nov 2007 17:52:20 -0000
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 83761 invoked by uid 500); 21 Nov 2007 17:52:19 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
List-Post: <mailto:users@httpd.apache.org>
List-Id: <users.httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 83750 invoked by uid 99); 21 Nov 2007 17:52:19 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 21 Nov 2007 09:52:19 -0800
X-ASF-Spam-Status: No, hits=-1.0 required=10.0
	tests=RCVD_IN_DNSWL_LOW,SPF_HELO_PASS,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: local policy)
Received: from [217.69.20.190] (HELO cluster-d.mailcontrol.com)
 (217.69.20.190)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 21 Nov 2007 17:52:22 +0000
Received: from cameurexb01.EUROPE.ROOT.PRI ([62.189.241.200])
	by rly22d.srv.mailcontrol.com (MailControl) with ESMTP id lALHpvtE015532
	for <users@httpd.apache.org>; Wed, 21 Nov 2007 17:52:00 GMT
Received: from [10.103.10.168] ([10.103.10.168]) by
 cameurexb01.EUROPE.ROOT.PRI with Microsoft SMTPSVC(6.0.3790.1830);
	 Wed, 21 Nov 2007 17:51:56 +0000
Message-ID: <4744703C.6060406@csr.com>
Date: Wed, 21 Nov 2007 17:51:56 +0000
From: Arne Heizmann <Arne.Heizmann@csr.com>
User-Agent: Thunderbird 2.0.0.9 (Windows/20071031)
MIME-Version: 1.0
To: users@httpd.apache.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 21 Nov 2007 17:51:56.0629 (UTC)
 FILETIME=[3539C050:01C82C67]
X-Scanned-By: MailControl A-06-00-00 (www.mailcontrol.com) on 10.68.0.132
X-Virus-Checked: Checked by ClamAV on apache.org
Subject: [users@httpd] SSPI auth Optional?


Hi,

I'm not sure if this is at all possible, so correct me if I'm chasing a 
ghost... I'm in the following situation:

We have a system which already has an authentication mechanism (using 
cookies). We want to change this so that it uses mod_sspi, like this:

   <Location />
     AuthName "website name goes here"
     AuthType SSPI
     SSPIAuth On
     SSPIAuthoritative On
     SSPIOfferBasic On
     SSPIBasicPreferred Off
     Require valid-user
   </Location>

However, we also have automated scripts accessing the same server, and 
we don't want to have to change them all, so we want the SSPI 
authentication to be _optional_.

Unfortunately it appears that if I remove the "Require valid-user" line, 
the browser doesn't send the authentication credentials at all (doesn't 
even prompt the user).

Is it at all possible to have a system where the username/password box 
pops up in the browser, but if the user presses Cancel, the website is 
still viewable (in my case a PHP script which would then output the 
Access Denied message as appropriate)?

Thanks!
Arne

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org