httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Florian Niedoba" <>
Subject [users@httpd] Disabling basic authentication
Date Mon, 04 Feb 2008 11:13:59 GMT

This is about disabling basic authentication.
We currently use the following scenario:
We are using mod_auth_sspi to authenticate users via Single Sign On. This
works fine.
Some of our users are not on the Active Directory.
What we want for them is: They hit the URL which protected by the
mod_auth_sspi, it fails and they are forwarded to a different url with a
form based login (401 redirects them).
What happens currently: They are prompted with a basic authenitication
pop-up for username and password, but they don't have a valid AD user so
authentication fails. Now they are forwarded to the other url with the form
based login.
So everything works fine, except that we want to get rid of the basic auth
Is there any chance to suppress it? Any ideas? I think it is actually done
by the browser, is there a way to modify a header or something to pretend
the apache can not handle basic authentication?
About our env: AD as authentication source, all users use IE, we have full
controll over their IE settings, we are using  apache 2.0.59

Thanks, Florian

View raw message