DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=29812>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=29812 URLs processed through Action do not have auth info when the action cgi is not also within the auth realm Summary: URLs processed through Action do not have auth info when the action cgi is not also within the auth realm Product: Apache httpd-2.0 Version: 2.0.49 Platform: PC OS/Version: FreeBSD Status: NEW Severity: Major Priority: Other Component: mod_access AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] Given something like this: Action template-handler /cgi-bin/pagehandler.cgi AddHandler template-handler .ttml All *.ttml pages are nicely processed thru pagehandler.cgi. However, if you add this: <Location /secure> AuthName "Secure Pages" AuthType Basic AuthGroupFile /dev/null AuthUserFile /web/adminpasswords require valid-user </Location> then any *.ttml file within /secure is still processed thru pagehandler.cgi, *BUT* the auth info is not presented to the pagehandler program. The auth info is still requested by the server/browser. Any static content fetched from /secure is properly logged with the auth ID, but the dynamic *.ttml are not logged with it. Under Apache 1.3, this worked as expected -- the auth info (basically REMOTE_USER) was present within the pagehandler.cgi execution. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
