On Wed, Mar 28, 2001, [EMAIL PROTECTED] wrote:
> Wondering if anybody came across this problem before.
> Say I have
>
> <VirtualHost 172.25.60.45>
> ServerName pikachutest
> DocumentRoot /home/httpd/devel/TonyC/
>
> <Directory "/home/httpd/devel/TonyC">
> SSLRequireSSL
> order deny,allow
> deny from all
> </Directory>
>
> </VirtualHost>
>
> That is I am trying to ensure ssl connections to pikachutest
> and denying them acces with deny from all. However its seems that
> when I include the SSLRequireSSL directive that the deny from clause
> is ignored. If I remove the SSLRequireSSL directive then it works fine.
I think I found the reason. mod_ssl's auth handler returned OK instead
of DECLINE and so mod_auth was no longer called from the Apache module
dispatching code. Should be fixed for mod_ssl 2.8.2. Thanks for your
feedback.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]