I recently installed apache 1.3.12 on Linux 6.1 with NIS+ Authentication, By reviewing the access_log file, that I noticed the user names were logged as the 3rd field of the access record. But I also noticed when there is a scheduled process (from NT accessing the web page the user name is blank.(-). Apparent there is no way the process can answer password, if Apache does not know who the requestor is, why apache still grant the access? can this cause security leak? or I am missing something? Appreciated if some one can give some directions? Thanks, PC Wang
