The following reply was made to PR mod_setenvif/4545; it has been noted by GNATS.
From: [EMAIL PROTECTED] (Keith Turner) To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: mod_setenvif/4545: No way to limit access based on REMOTE_IDENT RFC1413 identd IdentityCheck Date: Tue, 6 Jul 1999 15:06:57 -0700 Dear Ken, > You might check out the mod_access_identd module, which > is available from <http://Web.MeepZor.Com/packages/>. Thanks for the pointer! This is one possible solution to my problem, although I still think that the mod_setenvif change is worthwhile. I'm worried that a change to the semantics of the "allow" and "deny" commands make the MeepZor module a source of confusion for anyone who inherits my web config files. The mod_setenvif patch is more localised and does not change the way the old familiar NCSA commands work. > In the Apache model, access checking occurs before > authentication and authorisation checking -- and all > of these occur before content handling. So the > information should never reach a CGI script, for > instance, because the access decision should have > been made much earlier. I don't understand the relevance of this response. I believe the patch I attached to this bug report does the job. With the config fragment I gave as the How-To-Repeat it successfully limited access based on the response from identd. Are you saying that the patch doesn't work? Are you saying that mod_setenvif is the wrong place to do this? Are you saying that this feature should not be part of the standard distribution? Hope you can clarify. Thanks, /<eith
