Arne.Heizmann at csr
Nov 21, 2007, 9:51 AM
Views: 124
Permalink
|
Hi,
I'm not sure if this is at all possible, so correct me if I'm chasing a
ghost... I'm in the following situation:
We have a system which already has an authentication mechanism (using
cookies). We want to change this so that it uses mod_sspi, like this:
<Location />
AuthName "website name goes here"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
SSPIOfferBasic On
SSPIBasicPreferred Off
Require valid-user
</Location>
However, we also have automated scripts accessing the same server, and
we don't want to have to change them all, so we want the SSPI
authentication to be _optional_.
Unfortunately it appears that if I remove the "Require valid-user" line,
the browser doesn't send the authentication credentials at all (doesn't
even prompt the user).
Is it at all possible to have a system where the username/password box
pops up in the browser, but if the user presses Cancel, the website is
still viewable (in my case a PHP script which would then output the
Access Denied message as appropriate)?
Thanks!
Arne
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe[at]httpd.apache.org
" from the digest: users-digest-unsubscribe[at]httpd.apache.org
For additional commands, e-mail: users-help[at]httpd.apache.org
|
SSPI auth Optional?