That's exactly what I did. When the authz handler is installed, I get the directory listing; when it's uninstalled, I get 'Access Denied due to rule'.
In neither instance does index.html get displayed. Very strange. I can code around it by turning off indexes and always referencing index.html, but I'd rather not, since this problem might be masking a greater problem. -klm. ----- Original Message ----- From: <[EMAIL PROTECTED]> To: "Ken Miller" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Monday, June 03, 2002 1:50 PM Subject: Re: AuthzHandler, index.html not being accessed > Ken: > > back to your original problem. Maybe you should disbale > the default index list by comment out "Options Indexes" > in your httpd.conf, so as to isolate the problem: if it > is authz related or not at all. > > Peter > > > > > > > A note: since cookie is involved, why not to implement > > > all the access/authentication/authurization functions at > > > the access control phase using cookie ? > > > > I've got them split out to match the phase in which they'd be invoked. > > That, and the fact that the access handler will be invoked everywhere, but > > the authorization handler may be different based on the application being > > protected. > > > > Back to the original problem: it all boils down to the Authz handler. When > > it's activated via 'require', directory indexes are not generated. Remove > > the require, and *poof*, you get directory indexes. > > > > > > > > > > > Peter > > > > I've got an interesting problem, related to my development of some > > > > Authen/Authz handlers. > > > > > > > > I have a directory on which I've installed an Access, Authen, and Authz > > > > handler: > > > > > > > > - the Access handler makes sure a cookie exists, and redirects the user > > to a > > > > login page if it doens't. If the cookie does exist, populate > > > > $r->connection->user. This works. > > > > > > > > - Authen handler currently returns OK - it will be used to validate the > > user > > > > as stored in the cookie > > > > > > > > If I 'require valid-user' in the directory, my authz handler doesn't get > > > > invoked, which I expect. However, If I request the directory (ie. > > /test/) I > > > > get a directory listing instead of index.html. If I take out the > > require, > > > > thereby bypassing authen/authz, I get index.html. If I also put in > > custom > > > > 'requires', my authz handler is invoked, and the same thing happens. > > > > > > > > So, it seems that when OK is returned from an authz handler, the > > > > DirectoryIndex is not being read. > > > > > > > > I've been unsucessful in trying to find a solution. > > > > > > > > Ideas? > > > > > > > > -klm. > > > > > > > > BTW, I understand that what I'm doing does appear to be similar to > > > > Apache::AuthCookie, but I have a few different requirements that I need > > to > > > > incorporate.... > > > > > > > > > > > > > > > > > > > > > >