On Thu, 27 Feb 2003, Geoffrey Young wrote:

> I've decided that the
>
>    return DECLINED if $r->is_inital_req;
>
> bit is a bad idea.  after a few hours debugging an authorization
> application, I realized that this does nothing but cause problems - if you
> DECLINE a subrequest then it's picked up by mod_auth which, if you're not
> configured for flat file auth (in addition to your custom auth), mod_auth
> will return AUTH_REQUIRED (or worse).
>
> you may want to
>
>    return OK if $r->is_inital_req;
>
> but DECLINED is almost certainly a bad idea.

What was the idea behind
return DECLINED if $r->is_inital_req;
in auth handlers in the first place?

- nick

-- 

~~~~~~~~~~~~~~~~~~~~
Nick Tonkin   {|8^)>

Reply via email to