> the only problem is that, > for the PerlAuthenHandler and PerlAuthzHandler the first handler to > return an Apache error code (anything other than OK, DECLINED, or > DONE) terminates the chain. which is generally fine, except when you > want to return AUTH_REQUIRED and note_basic_auth_failure().
blarg... of course, returning OK also ends the chain, meaning that the user has been authenticated and Apache can stop now. in that respect both the PerlAuthenHandler and PerlAuthzHandler are like the PerlTransHandler (if that helps you think about it). sorry, too much information up there :) --Geoff
