Joshua Slive wrote:
On 1/24/06, Jason Keltz <[EMAIL PROTECTED]> wrote:
Hi.
I'm running Apache 1.3.34, and have a question that I was hoping someone
might be able to help me with.
I have two virtual hosts - one for standard HTTP, and the other for
HTTPS. All I want to be able to do is to enable one module
(mod_auth_pam actually) in the https virtualhost, and NOT have the
module defined in the HTTP virtualhost so that authentication with PAM
is not done in the clear. mod_auth_pam isn't really all that important
to this problem though. There must be a way to enable a module in one
virtualhost, and not have it enabled in the other one, all on the same
server. If there is, I can't find it..
It is the responsibility of the module to define where it is or is not
in effect. Most modules provide directives to turn themselves on or
off. In the case of mod_auth_pam, it seems like "AuthPam_Enabled off"
will do the trick.
Hi Joshua,
Thanks for your response.
The problem with this is that while I can disable the module with
AuthPam_enabled off, the user can then "enable" it in their .htaccess
file with the AuthPam_enabled on. I am looking for a higher level way
of making it so that the module is not even available to the http
server. I would have thought this is something that Apache would do.
Jason.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
