On Tue, Sep 29, 2009 at 11:26 AM, Barry Scott <barry.sc...@onelan.co.uk>wrote:
> Jeff Trawick wrote: > > On Tue, Sep 29, 2009 at 8:18 AM, Barry Scott > <barry.sc...@onelan.co.uk<mailto: >> barry.sc...@onelan.co.uk>> wrote: >> >> The mod_fcgid page says to ask on dev I assume that this is the >> right place to ask. >> >> I'm using mod_fcgid from svn with HTTPD 2.2. >> >> I want to use a fast CGI authorizer to allow me to control access >> based on my rules. >> The authorizer needs to be a long running process - never exits. >> >> I know that the fcgid code is noticing the directive because I can >> change the filename >> and see the error message from the sources. >> >> But I'm at a lose as to the required to get this configuration to >> actually call my code. >> mod_fcgid is not starting up the authorizer process. >> >> I have the following fcgid specific lines in my httpd.conf file: >> >> ---- httpd.conf ---- >> ... >> LoadModule fcgid_module modules/mod_fcgid.so >> ... >> >> Listen *:9000 >> <VirtualHost *:9000> >> <Location /> >> Order allow,deny >> Allow from all >> AuthType Digest >> >> >> Did you really mean Digest authentication instead of Basic authentication? >> >> mod_fcgid only supports Basic, AFAICT. >> >> /* Get the user password */ >> if ((res = ap_get_basic_auth_pw(r, &password)) != OK) >> return res; >> >> > I don't want to be an authenticator, I want to be a authorizer. > Authorizer has no need of passwords right. > whoops :( yes your "require valid-user" implies that you don't need authorization; try "require valid-group" instead
