www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wi...@lynx.uio.no (Jon Wikne)
Subject Re: mod_auth-any/3124: AuthName does not work anymore - appears as "unknown".
Date Mon, 05 Oct 1998 10:10:01 GMT
The following reply was made to PR mod_auth-any/3124; it has been noted by GNATS.

From: wikne@lynx.uio.no (Jon Wikne)
To: marc@apache.org
Cc: apbugs@apache.org
Subject: Re: mod_auth-any/3124: AuthName does not work anymore - appears as "unknown".
Date: Mon, 5 Oct 1998 12:06:08 +0200 (MET DST)

 > You have an ErrorDocument 401 directive, correct?
 
 Yes.
 
 > Does removing that stop this problem?
 
 Yes! Strange, I always believed that the importance of the 401
 document started _after_ an error had occurred, not before....
 
 > If so, what is the
 > ErrorDocument directive pointing to?
 
 It points to a CGI-script whose purpose is to count the number of
 unsuccessful attempts to access the URLs requiring authorization.
 
 > For some reason, there are two authentication headers being
 > sent, one empty.
 
 Yes, it appears the 401 script sent one of them. I don't remember
 the reason for that. It has been this way for many years, starting
 in the "old" days running NCSA httpd. ;-) Maybe it was required
 (or I believed it was required) at some stage. Until now it has
 not caused problems.
 
 Curious as I am, I tried to track down what the difference between
 1.3b3 and 1.3.2 were in handling this situation. It appears that
 while 1.3b3 puts the empty authentication header _after_ the correct
 one, 1.3.2 puts it _before_, thus causing problems.... This is
 illustrated in the dialogues included below with two different
 computers, one running 1.3b3, the other 1.3.2.
 
 Thanks for your time.
 
 
 Cheers,
 -- Jon
 
 ----------------------------------------------------------------------
 wikne@rom 6 % telnet lynx 80
 Trying 129.240.84.95...
 Connected to lynx.uio.no.
 Escape character is '^]'.
 GET /lynx/nancy/pw/csg/ HTTP/1.0
 
 HTTP/1.1 401 Authorization Required
 Date: Mon, 05 Oct 1998 09:19:25 GMT
 Server: Apache/1.3b3
 WWW-Authenticate: Basic realm="wild"
 WWW-Authenticate: 
 Connection: close
 Content-Type: text/html
 
 <HTML><HEAD><TITLE>401 - Authorization Required</TITLE></HEAD><BODY><H1>401
- Authorization Required</H1>Browser not authentication-capable or authentication failed.<IMG
SRC="/cgi-bin/Count.cgi?ft=0|frgb=69;139;50|tr=1|trgb=0;0;0|wxh=14;20|pad=0|dd=R|st= 5000|sh=0|df=no_girls.dat"></BODY></HTML>
 Connection closed by foreign host.
 
 wikne@rom 9 % telnet cheetah 80
 Trying 129.240.84.96...
 Connected to cheetah.uio.no.
 Escape character is '^]'.
 GET /lynx/nancy/pw/csg/ HTTP/1.0
 
 HTTP/1.1 401 Authorization Required
 Date: Mon, 05 Oct 1998 09:21:59 GMT
 Server: Apache/1.3.2 (Unix)
 WWW-Authenticate: 
 WWW-Authenticate: Basic realm="wild"
 Connection: close
 Content-Type: text/html
 
 <HTML><HEAD><TITLE>401 - Authorization Required</TITLE></HEAD><BODY><H1>401
- Authorization Required</H1>Browser not authentication-capable or authentication failed.<IMG
SRC="/cgi-bin/Count.cgi?ft=0|frgb=69;139;50|tr=1|trgb=0;0;0|wxh=14;20|pad=0|dd=R|st= 5000|sh=0|df=no_girls.dat"></BODY></HTML>
 Connection closed by foreign host.

Mime
View raw message