On 08.09.09 07:11, Melanie Pfefer wrote: > Before I build a script, I would like to know if anybody thought of > auditing the apache log so that it reports the logins of the users who > tried to access a certain folder, regardless whether the access was > successful (Http response 200) or not (401 and 304)
401 does NOT mean usuccessfull attempt as you apparently mean it. 401 usually happens when the browser tries to access an object for the first time, 401 means that client has to send auth infromations. When user gives those informations (e.g. login and password), browser resubmits the request witht he provbided informations. 304 also does not mean unsuccessfull request. It means successfull request, but the client provided it has the same version of object cached, so server responds wiht "304 not modified" so client can reuse the cached content. (first) successfull request usually means two requests, first is refused with 401, second request leads to 200 or 304. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Nothing is fool-proof to a talented fool. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
