>Number: 831 >Category: mod_auth-any >Synopsis: Not prompting for username/password when defining ErrorDocument >Confidential: no >Severity: serious >Priority: medium >Responsible: apache (Apache HTTP Project) >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Mon Jul 7 11:40:01 1997 >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.2 >Environment: SunOS axil 5.5 Generic sun4m sparc sun4m GNU gcc 2.7.2 >Description: When protecting a directory with some kind of authentification (both AuthUserFile and AuthExternal tested) in .htaccess or access.conf (both tested) and defining ErrorDocument 401 in srm.conf nobody is prompted for username/password and gets directly the document pointed by the ErrorDocument 401. >How-To-Repeat: ----- srm.conf ------ ErrorDocument 401 http://web.ols.es/messages/401.html ---- access.conf ---- <Directory /usr/local/etc/httpd/test> AllowOverride All Options Indexes AuthUserFile /usr/local/etc/httpd/test.psw AuthName TEST AuthType Basic order deny,allow allow from all <Limit GET POST> require valid-user </Limit> </Directory> >Fix: nope >Audit-Trail: >Unformatted:
