Hi Harald,
> One step is still missing in my chain: I like to change from http to https
> not depending on the directory or location tag. I like to switch as soon
> as an authorization is required. This is more flexible.
I too tried to take it this direction first. So I added a bunch of stuff
to my AuthenHandler. No go, by the time this module is executed, the
browser has already asked for a login and password (so they are sent over
plain text). So then you could have something like a global AccessHandler
(I am guessing). The problem is your global access handler would have to
dynamically know if the area being requested was protected or not since an
AccessHandler could apply to more than just protected locations. Since
that is later in the apache cycle I could not track down if this was even
possible. So I was left with what I showed.
> It lloks like to find something simular like reacting on the server error
> code 401 by
> errordocument 401 /path/doc.html
I think the problem with this is that in order to get the 401 you must
first prompt the user for a login/password. I could be wrong though.
Maybe someone else has some comments.
Good luck,
Joshua
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
