Re: RequireAll: seems to evaluate require lines unnecessarily

On 06 Aug 2012, at 12:01 AM, Stefan Fritsch wrote: The API is currently such that an authz provider must return AUTHZ_DENIED_NO_USER instead of AUTHZ_DENIED if its result may change after authentication. Require expr in 2.4.2 does not do that. But it will be fixed in 2.4.3 with

Re: RequireAll: seems to evaluate require lines unnecessarily

On 03 Aug 2012, at 9:25 AM, Stefan Fritsch wrote: I have a config like this using httpd v2.4, in an effort to password protect each person's userdir: RequireAll Require valid-user Require expr %{note:mod_userdir_user} == %{REMOTE_USER} /RequireAll Hit it with a browser,

Re: RequireAll: seems to evaluate require lines unnecessarily

On Sun, 5 Aug 2012, Graham Leggett wrote: This works as designed. Authentication will only be triggered if the end result depends on a valid user being present. The reason is to avoid a password dialogue if the access will be denied anyway. This breaks basic authentication though, because

Re: RequireAll: seems to evaluate require lines unnecessarily

On 05 Aug 2012, at 10:39 PM, Stefan Fritsch wrote: This works as designed. Authentication will only be triggered if the end result depends on a valid user being present. The reason is to avoid a password dialogue if the access will be denied anyway. This breaks basic authentication though,

Re: RequireAll: seems to evaluate require lines unnecessarily

On Sunday 05 August 2012, Graham Leggett wrote: You mean you can't get Require expr to work. All other providers should work ok. Or do you have an example that does not involve Require expr? Most specifically, as per my original mail, I can't get the following to work: RequireAll

Re: RequireAll: seems to evaluate require lines unnecessarily

Graham Leggett wrote: Hi all, I have a config like this using httpd v2.4, in an effort to password protect each person's userdir: RequireAll Require valid-user Require expr %{note:mod_userdir_user} == %{REMOTE_USER} /RequireAll Hit it with a browser, and

Re: RequireAll: seems to evaluate require lines unnecessarily

On Thursday 02 August 2012, Graham Leggett wrote: I have a config like this using httpd v2.4, in an effort to password protect each person's userdir: RequireAll Require valid-user Require expr %{note:mod_userdir_user} == %{REMOTE_USER} /RequireAll Hit it with a

RequireAll: seems to evaluate require lines unnecessarily

Hi all, I have a config like this using httpd v2.4, in an effort to password protect each person's userdir: RequireAll Require valid-user Require expr %{note:mod_userdir_user} == %{REMOTE_USER} /RequireAll Hit it with a browser, and instead of 401 Unauthorized I'm getting