> Did your browser send digest credentials on the ajax request? You can
> log %{Authorization}i in the access log to quickly tell.
Yes. The browser is sending the creditials. I did check this. That's what
was hanging me up.
> If credentials were sent, can mod_log_config log a %u or were they
> ignored (due to no Require, satisfy any, etc)?
>
On the first request it's login in.
On the second request, a user is already logged in and it's not utilizing
the creditials to login, but it is using them to access the page being
called.
I'm not sure what you mean by " can mod_log_config". Is that the file that
performs the login? Do you think sending a header can force the new login?
Michele
