We recently upgraded our webserver from Apache 1.3.6 / modperl 1.19 to Apache 1.3.27 / modperl 1.27
We use a .htaccess file in a directory to have a modperl script do authentication for directory access (for downloading files, etc.). It also redirects the user from http to https if he does not come in through https. On our old server, the user would only see the browser's login box once when he came in through http and was redirected to https. On the new server, however, the user has to login twice. But if the user comes in through https on the new server, there is only one login. So my guess is that the new server is not treating an authentication realm in http as the same as one in https. So, my question is... Is this different treatment of the http/https authentication realms something that changed in the newer version of modperl (or possibly apache)? Or is this something that can be changed through configuration options? (and also... is my analysis even correct? :) ) Thanks! -Jason Fong
