DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=26093>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=26093 httpd is too strict about Authorization-header for cgi Summary: httpd is too strict about Authorization-header for cgi Product: Apache httpd-2.0 Version: 2.0.48 Platform: Other OS/Version: All Status: NEW Severity: Normal Priority: Other Component: mod_cgi AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] Apache 2.0.48 does not pass HTTP_AUTHORIZATION header to the cgi script without special server configuration. I know this is to protect username + password from the binary when httpd does the authentication. If this is the only reason, why doesn't httpd pass HTTP_AUTHORZATION to the script when it doesn't have its own authentication configured for cgi file / directory? I need this feature to provide my own authentication using standard methods (Digest Authentication) and to be web server independent. I know Apache can support Digest Authentication in itself, but it would need special support for adding users the way apache wants to read them. That would be different for every WWW-server out there. And I would still have to do my own Digest Authentication for servers that do not support that at all but will pass the needed variables. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
