On Mon, 27 Nov 2006 15:22:59 +0530 "Vedavyas Raichur" <[EMAIL PROTECTED]> wrote:
> Hi all, > I have a problem with my authentication handler. When the > authentication succeeds i create a new key and pass it off as cookie > to the client. But it seems the key is getting created twice as the > hook is invoked twice. Is that a problem? Is your cookie reaching the client twice? > I just got around this by using ap_is_initial_request(), but is it > appropriate or safe to skip the authentication for a subrequest? Careful with your terminology there. It's more likely an internal redirect than a subrequest. An internal redirect is what you get for example when mod_dir maps "/" to "/index.html". So to answer your question: no it's not safe to authenticate only if ap_is_initial_request. An internal redirect may happen before the authentication phase, for example when you use the Alias directive. What you can do when ap_isn't_initial_request is check the r->user field in the parent request or previous request (depending on whether it's a subreq or internal redirect). That'll be set if authentication already happened. -- Nick Kew Application Development with Apache - the Apache Modules Book http://www.apachetutor.org/
