On Jan 10, 2005, at 8:54 AM, Martin Moss wrote:
I was looking into this a while back, and came across several posts that described using a PerlAccessHandler to determine if PerlAuthenHandler should be set or not.
You could then setup PerlSetVar Require_Auth '0' in any sublocations that didn't need Auth. your AccessHandler would then do a set-handlers call and get it to return OK for an AuthHandler (I've tried to dig out the syntax but I can't find it)..
I tried it briefly and couldn't get it to work at all, but I got the impression that this was down to the really quirky setup I was trying to do it on.
Anyway not much help, but perhaps give you something to search google on,
Ah, yes...there is an example of code that can link authentication and authorization phases via push_handlers here (http://modperl.com:9000/book/chapters/ ch6.html#Binding_Authentication_to_Author). Could the same work for you? You could then combine access, authen, and authz in one package and push the appropriate headers based on your access needs and variables set in httpd.conf.
Sean
