>>> On 4/30/2007 at 10:13 AM, in message <[EMAIL PROTECTED]>, Patrick Welche <[EMAIL PROTECTED]> wrote: > On Fri, Apr 27, 2007 at 03:44:08PM -0600, Brad Nicholes wrote: >> >>> On 4/27/2007 at 11:30 AM, in message >> <[EMAIL PROTECTED]>, Patrick Welche >> <[EMAIL PROTECTED]> wrote: > ... >> > Using httpd trunk 529626, of Apr 19 2007, I tried a FAQ configuration >> > with the new authentication framework: >> > >> > <Directory "/usr/local/share/httpd/htdocs/learn"> >> > AuthType basic >> > AuthName "raven test" >> > AuthBasicProvider file >> > AuthUserFile /usr/local/etc/pass.txt >> > <SatisfyOne> >> > Require host quartz.itdept.newn.cam.ac.uk >> > Require ip 192.168.200.180 >> > Require valid-user >> > </SatisfyOne> >> > </Directory> > ... >> It's beginning to look like Order, Allow, Deny, Satisfy can't be deprecated > after all. However I still think that there is a usefulness for the same > type of authorization rules defined by "require". > > Indeed, translating to the compat form: > > <Directory "/usr/local/share/httpd/htdocs/learn"> > AuthType basic > AuthName "raven test" > AuthBasicProvider file > AuthBasicAuthoritative Off > AuthUserFile /usr/local/etc/httppwddb > Order Deny,Allow > Deny from All > Allow from quartz.itdept.newn.cam.ac.uk 192.168.200.180 > Require valid-user > Satisfy Any > </Directory> > > behaves as expected. > > Cheers, > > Patrick
I'm a little surprised to hear that. Are you sure that you cleared out your authenticated session cache before you tested the new configuration? As the code stands now, you would have had to go through the authentication hook which no matter what the access_control hook said, would have forced a prompt for a user name and password if it didn't already exist in the header. It's always good to hear that things are working correctly, but in this case I am a little surprised. Brad
