Hello Nick, > You'd want the err_headers_out to set that for an error return.
OK. Good point. Changed that. > > > Instead of sending back to the client a 302 or a 301 the next thing > > that happens the apache sends back a 401. > > Have you traced and/or stepped through execution of your own code? I have a lot of debugging code in my module. The last thing that my module does in the access checking phase is returning HTTP_MOVED_TEMPORARILY (this is logged to the errorlog). For debugging purposes I have a short code segment hooked up into the phases check_user_id and auth_checker. Those are not run. So. This leads to my conclusion that some other module must be doing something in the access checking phase. > > Could it be that your errordocument itself authenticates the client? The problem arises when the client sends POST data to the webserver. The client sends authentication information and my module does a redirection to either a failed login page or a successful welcome page. Without any "Basic Authentication" / "require ...." lines in the configuration this works. If I add a "require valid-user" it doesn't work anymore. > > > I tried to find out with "LogLevel debug". > > But this actually leads to nearly no extra lines in the log files. > > My usual tool in that situation is gdb. > I guess the other modules are not logging much if not compile for verbosity? If I'd use gdb I would have to compile every module with debugging support, I guess? Thank you for your answer, Greetings -- Sitepark Gesellschaft für Informationsmanagement mbH Rothenburg 14-16, 48143 Münster Telefon: +49 251 482655-0, Telefax: +49 251 482655-55 http://www.sitepark.com http://www.facebook.com/sitepark Geschäftsführer: Thorsten Liebold Amtsgericht Münster, HRB 5017
