Peter wrote: > Maybe you can try to add specifically: > $r->connection->user('who_the_user_is') before the cookie access control > returns OK in the module. Note that some of the cookie authentication > modules are based on "access-only" control so $r->connection->user() can > return a value in late phases only if one assigns it at the first place.
Point of clarification... The authentication I'm writing about is BASIC AUTHENTICATION. apache takes care of all of that. It appears as though the client is not sending it, but I don't know why ... and if not, how it manages to pass the authentication portion of the apache request loop. the example I'm using does the following: .htaccess AuthType Basic AuthName MagicName AuthUserFile /home/web/public_html/cgi/private/user.access require valid-user scriptA.plx ->redirect to scriptB.plx scriptB.plx ->redirect to scriptA.plx CONDITIONALLY if the CONDITION is met, the redirect is not done i.e. cookie present + "user" present what happens.. scriptA always has ENV{REMOTE_USER} and $r->connection->user valid scriptB rarely has them both valid either script can set the same cookie if it is not present. The cookie is always present for scriptA and usually but not always present for scriptB WHY??? Michael