On Thu, 27 Feb 2003, Geoffrey Young wrote:
> I've decided that the
>
> return DECLINED if $r->is_inital_req;
>
> bit is a bad idea. after a few hours debugging an authorization
> application, I realized that this does nothing but cause problems - if you
> DECLINE a subrequest then it's picked up by mod_auth which, if you're not
> configured for flat file auth (in addition to your custom auth), mod_auth
> will return AUTH_REQUIRED (or worse).
>
> you may want to
>
> return OK if $r->is_inital_req;
>
> but DECLINED is almost certainly a bad idea.
What was the idea behind
return DECLINED if $r->is_inital_req;
in auth handlers in the first place?
- nick
--
~~~~~~~~~~~~~~~~~~~~
Nick Tonkin {|8^)>
