Lol. I'm using the proper syntax on the server. Just checked.
-Original Message-
From: Eric Covener [mailto:cove...@gmail.com]
Sent: Thursday, February 12, 2009 2:49 PM
To: modules-dev@httpd.apache.org
Subject: Re: Making mod_auth_digest mysql
On Thu, Feb 12, 2009 at 2:25 PM, Michele
On Thu, Feb 12, 2009 at 3:27 PM, Michele Waldman mmwald...@nyc.rr.com wrote:
RewriteCond ${REMOTE_USER} . does not seem to work when the REMOTE_USER is
not defined. The statement evaluates to true.
What happens when you use the proper syntax, %{REMOTE_USER}?
Lol. I'm using the proper
-
From: Michele Waldman [mailto:mmwald...@nyc.rr.com]
Sent: Thursday, February 12, 2009 3:28 PM
To: modules-dev@httpd.apache.org
Subject: RE: Making mod_auth_digest mysql
Lol. I'm using the proper syntax on the server. Just checked.
-Original Message-
From: Eric Covener [mailto:cove
On Thu, Feb 12, 2009 at 3:44 PM, Michele Waldman mmwald...@nyc.rr.com wrote:
Basically, when I user is logged out, %{REMOTE_USER} is not defined. It
seems any rewritecode using an undefined server environment variable always
evaluates to true. I don't want this. I want false if not defined.
On Thu, Feb 12, 2009 at 3:49 PM, Michele Waldman mmwald...@nyc.rr.com wrote:
I'm doing this:
RewriteEngine On
RewriteCond %{REMOTE_USER} .
RewriteRule ^.*$ - [S=1]
RewriteRule ^.*$ http://domain/logged_out.html?%{N} [R]
AuthType Digest
AuthName account
AuthUserFile /path/.htpasswd
Michele Waldman wrote:
I'm doing this:
RewriteEngine On
RewriteCond %{REMOTE_USER} .
RewriteRule ^.*$ - [S=1]
RewriteRule ^.*$ http://domain/logged_out.html?%{N} [R]
AuthType Digest
AuthName account
AuthUserFile /path/.htpasswd
Require valid-user
1) The user is logged in.
2) The user logs
There is not authentication requirement for logged_out it's in a higher
directory.
-Original Message-
From: Joe Lewis [mailto:j...@joe-lewis.com]
Sent: Thursday, February 12, 2009 4:46 PM
To: modules-dev@httpd.apache.org
Subject: Re: Making mod_auth_digest mysql
Michele Waldman wrote
Michele Waldman wrote:
There is not authentication requirement for logged_out it's in a higher
directory.
Okay, then. I'm afraid I am not understanding everything here. I doubt
the wheel needs to be reimplemented, but it seems the push is in that
direction. For my feeble mind, can you
authenticating against mysql was all part
of this.
Michele
-Original Message-
From: Joe Lewis [mailto:j...@joe-lewis.com]
Sent: Thursday, February 12, 2009 6:39 PM
To: modules-dev@httpd.apache.org
Subject: Re: Making mod_auth_digest mysql
Michele Waldman wrote:
There is not authentication
Michele Waldman wrote:
All the actual authentication if fine. I wouldn't rely on cookies for
security. It sounds like cookies would be a fake security.
I was thinking about creating a logout cookie.
Then, the popup would only happen if the user hacked their cookies.
Shame on them.
But it
I don't drink that frequently, but when I do I get chatty, even on the
computer.
-Original Message-
From: Ray Morris [mailto:supp...@bettercgi.com]
Sent: Sunday, February 08, 2009 8:00 PM
To: modules-dev@httpd.apache.org
Subject: Re: Making mod_auth_digest mysql
Sorry, about
evaluate to true?
Michele
-Original Message-
From: Dave Ingram [mailto:d...@dmi.me.uk]
Sent: Friday, February 06, 2009 5:55 AM
To: modules-dev@httpd.apache.org
Subject: Re: Making mod_auth_digest mysql
The -f and -d flags for RewriteCond are for checking the file system,
not environment
On Fri, Feb 6, 2009 at 8:49 AM, Michele Waldman mmwald...@nyc.rr.com wrote:
I mean to check server environment variables which is what REMOTE_USER is.
This might be better off on us...@httpd.apache.org
I just want to know if the variable is defined on the server then I could do
this:
The -f and -d flags for RewriteCond are for checking the file system,
not environment variables, although they can use environment variables
if necessary. For example:
RewriteCond %{DOCUMENT_ROOT}/%{ENV:foo} -d
would check that the folder named by the environment variable foo
exists in the
2009/2/1 Michele Waldman mmwald...@nyc.rr.com:
The userlist (http://httpd.apache.org/userslist.html) might be a
better place, but...
I want to do the following in htaccess for account security:
FilesMatch .*[^(wp_login.php|logout.php)]
That would not do what it should do. [^...] is a negated
15 matches
Mail list logo
