Hi, I'm currently handling access control with "AuthBasicProvider ldap dbd". I'd like to get rid of the growing list of <Location> directives in our httpd.conf and lookup each request url against a database, to check whether it requires a login. Visitors should be able to browse the website without an account, and only be asked for one for specific URLs.
I've tried using a PerlInitHandler in <Location />, but am unable to get it to work. It seems that the Auth/Authz phases are only run when the <Location /> contains a "Require" directive. It appears that Apache2::Access->requires() is only a getter, so I can't switch "Require" on within my PerlInitHandler. But if I set "Require" in httpd.conf, I can't unset it for URLs that shouldn't require a login. Am I going about this the wrong way - and has this been solved before? Cheers, Carl