> > That changing the order in which mod_midgard and mod_auth_pam are
> > LoadModuled might solve the problem. Or you could try the latest CVS
> > sources which won't interfere with other Apache authentication schemes.
> > Very experimental, has seen all of 2 (wow!) deployments, but seems to work
> > well.
>
> Ho. Nifty. How did you get round it?
It wasn't too hard. I've been bitching from the start about apache not
letting me force auth "from the inside" when it struck me that apache
isn't forcing auth -- it just checks for credentials and if they're not
found sends some headers that suggest the client to send them instead of
sending content. So I check for credentials and send the headers instead
of the content if I don't see them. D'oh! Why didn't I think of that
before.
The 'experimental' part about it is that the apache book strongly suggests
that you're only supposed to return AUTH_REQUIRED from the auth* handlers
but there's nothing that forbids you to do it in the translation phase,
which is what I do now. The new mod_midgard doesn't implement auth*
handlers so it will not interfere with the normal 'require' stuff. The
downside is (for now) that you can only authenticate against the midgar
user database, but that's no different then it was, and EAPI calls could
get around that if we wanted to.
> BTW as you have had no other volunteers I could help admin your new box.
> I admin for a UK ISP in my spare time (bigwig.net) (linux boxes) and also do
> some admin on solaris lately at my real job.
Oh I've seen plenty of volunteers, don't you worry. You can't have enough
people keeping tabs ever though, so much appreciated.
Emile
--
This is The Midgard Project's mailing list. For more information,
please visit the project's web site at http://www.midgard-project.org
To unsubscribe the list, send an empty email message to address
[EMAIL PROTECTED]
