Ferrari Geoffrey wrote:
> Hi,
>
> If I have activated a PerlAuthenHandler for a directory in httpd.conf with
>
> <Location /foo>
> ...
> PerlAuthenHandler My::Handler
> </Location>
>
> How can I deactivate this PerlAuthenHandler for a subdirectory, such as
> /foo/bar ?
if you want requests to /foo/bar to succeed unchecked then
<Location /foo/bar>
PerlAuthenHandler 'sub { return OK }'
</Location>
should do the trick.
>
> The online mod_perl docs explain that PerlHandlers can be deactivated
> for subdirectories by setting PerlHandler default-handler (when
> SetHandler has been set to perl-script), but either my problem lies
> elsewhere, or it is not possible to have:
>
> <Location /foo/bar>
> ....
> PerlAuthenHandler default-handler # nor indeed
> 'PerlAuthenHandler none'
> </Location>.
default-handler is the default content handler (the one that sends a flat
file to your browser) so that's really not what you want (nor will it work :)
if what you _really_ want is apache's default auth checker use the example I
gave above but return DECLINED instead. OK will essentially turn off
authentication, while DECLINED will invoke .htpasswd-type checking.
you need to understand the mechanism here. the Requires directive is
enabling authentication for a given request, but there is no way to turn it
off once it has been enabled for a request, or to un-scope it within nested
configurations. so, what you need to do is use your PerlAuthenHandler to
control what happens next - either perform some authentication, allow apache
to perform some authentication, or perform none at all.
HTH
--Geoff
