[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#92052: Present in apache 2 & workaround

clone 92052 -1
reassign -1 apache2
found -1 2.2.3-4

Ideally a granular (at least per-vhost) option to enable or disable this
feature would be useful--I would like to allow certain (fast)cgi scripts
the ability to process HTTP authentication, but I don't want others
having access to the usernames/passwords that my users authenticate

The following mod_rewrite rules implement a workaround:

        RewriteCond %{HTTP:Authorization} (.*)
        RewriteRule . - [env=HTTP_AUTHORIZATION:%1]

These directives are granular down to the directory/.htaccess level. :)

Sam Morris

PGP key id 1024D/5EA01078
3412 EA18 1277 354B 991B  C869 B219 7FDB 5EA0 1078

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: