I recently upgraded a server using Apache::ASP,
and now for all ASP pages I get an error in error_log:
[Tue Jan 30 19:36:46 2001] [error] [client x.y.z;t] need AuthName:
/foo/index.asp
The page is served nevertheless. There is no authentication configured.
I believe I have tracked this down:
Apache::ASP does
sub new {
...
# set up the environment, including authentication info
# only copy %ENV if we are changing anything
my $env;
if(defined $r->get_basic_auth_pw) {
$env = { %ENV };
mod_perl now defaults auth_type to 'Basic', so that
when we reach ap_get_basic_auth_pw in http_protocol.c:
if (!(t = ap_auth_type(r)) || strcasecmp(t, "Basic"))
return DECLINED;
if (!ap_auth_name(r)) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR,
r, "need AuthName: %s", r->uri);
return SERVER_ERROR;
}
the first test doesn't trigger anymore, and the second
one does.
I believe this started occuring when the change was made
to mod_perl to default auth_type to 'Basic' in revision
1.111 of src/modules/perl/Apache.xs.
I'm not sure what the right fix is, is it legit for
Apache::ASP to call get_basic_auth_pw when no auth is
configured? Maybe it should first call $r->some_auth_required
(not sure what that does)?
--
Eric
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
