Ooops! I wanted to say I was NOT using authoritative mode! In this case, I want to be able to restrict a require to only one auth module.
Xavier john wrote: > > >-- Original Message -- > >Reply-To: [EMAIL PROTECTED] > >Date: Tue, 15 Oct 2002 18:27:18 +0200 > >From: Xavier MACHENAUD <[EMAIL PROTECTED]> > >To: [EMAIL PROTECTED] > >Subject: ability to restrict scope of require directive to a single module > Hi, > > > >I'm facing the following problem : > >I'm using 2 auth modules in authoritative mode (if one fail, try the other > >one). > > This is your problem here. if both are in authoritative mode, it means > (in your words) : if one fail, DONT try the other one. You need to load > them both, and make the second one authoritative. The problem here is twofold: > 1) there is no way to order auth modules so if you're authoritative module > happens to run first, the other modules will NEVER get a chance to try > 2) if there is no 'authoritative' module and auth fails (i.e. all modules > return declined) apache core returns INTERNAL SERVER ERROR..... instead > of UNAUTHORIZED. > > Until either one of the previous things change, the only workaround is to > make the last auth module called the authoritative one.... that way both > their authorize methods will get invoked. > > sterling
