The client only sends basic auth credentials when requested. So if you have
an authorization handler that might validate a cookie and return OK before
basic auth credentials are requested of the client, then you will need to
set $r->user from that handler for it to be accessible later on down the
Peter wrote:
> Maybe you can try to add specifically:
> $r->connection->user('who_the_user_is') before the cookie access control
> returns OK in the module. Note that some of the cookie authentication
> modules are based on "access-only" control so $r->connection->user() can
> return a value in l
lost sometimes,
but not as often as the authentication token. This "fuzzy" behavior makes
redirects where cookies and tokens are expected very dicey...
Michael
> - Original Message -
> From: "Michael Robinton" <[EMAIL PROTECTED]>
> To: <[EMAIL
value in late phases only if one assigns it at the first place.
Peter Bi
- Original Message -
From: "Michael Robinton" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, August 28, 2002 1:05 PM
Subject: odd authetication situation
>
> I have a m
I have a modperl handler that sets a cookie and does a redirect if the
cookie was not present. The redirected page eventually loads the same page
again. In addition, this page is called from a protected portion of the
site that requires Basic Auth.
When the redirect calls the mod_perl routine th
