On Sun, Mar 17, 2013 at 12:02 PM, <[email protected]> wrote: > Author: minfrin > Date: Sun Mar 17 16:02:41 2013 > New Revision: 1457471 > > URL: http://svn.apache.org/r1457471 > Log: > mod_auth_basic: Add a generic mechanism to fake basic authentication > using the ap_expr parser. This allows the administrator to construct > their own username and password for basic authentication based on their > needs. Alternative fix for PR52616.
If we maintain the use of a password here, like mod_ssl does, wouldn't we need to make sure it doesn't come in over the wire? (Maybe better to have AuthBasicProvider fake and not have to deal with a dummy password)
