I'm having trouble fiddling around with user authentication on a proxy server. This is the basic setup. User requests a page => Apache proxy => MediaSurface => NT site Content is split between both MS & NT boxes and some content is public and some is members (basic auth). What we've found, by using a packet sniffer, that some browsers tend to send auth headers when they are not required ie to a public page when they've previously visited a members page. Mediasurface (a content management system) doesn't like this. When it receives auth headers for a page which is public, it returns 401. Our subscribers tend to get annoyed with continuous password prompts. What I would like to do is use a PerlHandler on the proxy box to either strip the auth headers or write them to have 'Authorization: ' which works with Mediasurface. I'm having trouble writing a handler which changes the headers *and* still keeps to the ProxyPass settings. Can someone shed some light and explain a few things to me? I've tried ProxyPassing /public to http://user:pass@mediasurfacebox/public where user:pass is a valid username to access both public and private. Basically what I have so far inside a PerlAccessHandler is: $r = shift; my $request = $r->uri(); if ($request =~ /\/public/) { $r->header_in('Authorization'=>' '); <--- is this the correct way to rewrite headers? } return OK; <--- does this return to the client? or still pass through? Any help appreciated. Doug