On Tuesday 20 November 2001 07:38 pm, Doug MacEachern wrote: > On Tue, 20 Nov 2001, sterling wrote: > > Hi - > > > > Set up an auth directory without AuthType but with require valid-user and > > AuthName and load an auth module that uses ap_note_basic_auth_failure... > > el kabong!! this patch stops the coro dumpo. > > this has bitten others in 1.x too. ended up adding protection in the > modperl wrapper functions. i applied a slightly different version to > prevent the same problem in ap_note_auth_failure(). and also changed > if (type && strcasecmp(ap_auth_type(r), "Basic")) > to > if (!type || ...) > cause i don't think it should set the *-Authenticate header if there is no > AuthType configured, right? or maybe ap_auth_type() should default to > Basic?
I like both fixes, and I agree that we need one of them. I already saw the commit, too. I also have another suggested improvement that I think we should add. This is a configuration error. We should be able to detect this kind of configuration error and report it. With the config tree logic, we can do this, by adding a bit of logic. I can do the work to make sure that when you have AuthType, you also have AuthName and Require directives. Before I do however, does anybody disagree that we should have this logic? Ryan ______________________________________________________________ Ryan Bloom [EMAIL PROTECTED] Covalent Technologies [EMAIL PROTECTED] --------------------------------------------------------------
