Edward Harvey wrote:
And how would users who have a different set of credentials they could
use for this second URL enter those credentials? The RFC specifies a 401
response in this scenario to allow a UA to resubmit different
credentials.
You might not care about the RFC, but Apache and browser
> And how would users who have a different set of credentials they could
> use for this second URL enter those credentials? The RFC specifies a 401
> response in this scenario to allow a UA to resubmit different
> credentials.
>
> You might not care about the RFC, but Apache and browsers mostly do.
On Fri, 2009-05-08 at 11:25 -0400, Edward Ned Harvey wrote:
> Perhaps I'm not properly distinguishing authentication and authorization.
>
> In order to get anywhere, the user has already authenticated. However,
> there are some pages where a user should not be authorized, and rather than
> prompt
Perhaps I'm not properly distinguishing authentication and authorization.
In order to get anywhere, the user has already authenticated. However,
there are some pages where a user should not be authorized, and rather than
prompt them to re-authenticate, I want to display something saying they're
n
On Wed, 2009-05-06 at 00:21 -0400, Edward Ned Harvey wrote:
> I have mod_authnz_ldap_module loaded and working properly. Users can
> login and navigate to pages where they are granted "Require User" but
> when the user navigates to a page where they have no access, it
> prompts them again to login
I have mod_authnz_ldap_module loaded and working properly. Users can login and
navigate to pages where they are granted "Require User" but when the user
navigates to a page where they have no access, it prompts them again to login,
and just keeps prompting for username & password again. I woul