Hi all,
I have a problem with my authentication handler. When the
authentication succeeds i create a new key and pass it off as cookie to the
client. But it seems the key is getting created twice as the hook is invoked
twice.
I just got around this by using ap_is_initial_request(), but is it
appropriate or safe to skip the authentication for a subrequest? One more
problem i had when i just did authentication in subrequest is that even if i
return FORBIDDEN, the server used to show home page. Should authenticating a
client be handled from main request only?
Thanks in advance for any help.
Regards,
Vyas
