You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Brian Behlendorf <br...@wired.com> on 1995/03/30 20:47:14 UTC
Re: custom error messages/authentication problem
(brought to the list because I forgot to cc: it to begin with)
On Thu, 30 Mar 1995, Rob Hartill wrote:
> > If I set in the srm.conf
> >
> > ErrorDocument 401 /401.html
> >
> > apache will output the contents of that file, but it won't send the right
> > HTTP headers to the client telling them they need to authenticate. So
> > instead of a prompt for a name/password, the user just sees that page
> > (when normally they only see that page if they give up on registering).
>
> Hmm, the trick (at the moment) appears to be that you need to
> redirect to a script which produces...
>
> print "Status: 401 Auth req\r
> Content-type: text/html\r
> WWW-Authenticate: whatever\r\n\r\n
>
> I don't use authentication so I'm not setup to try it out. Let me
> know if that fixes it. If not, it might be possible to fiddle a bit
> to get it working.
Err, I think the general problem is that if the error message also sends
any extra headers (like 401, I don't know of any others) then those
headers should be sent even if an HTML file is indicated as the
response. The mechanisms should already be there for this - if the
ErrorDocument directive is just a text string then the 401 response is
correct and the user is prompted for a name/password.
it should be noted that arena never shows the extra text that goes along
with the 401 response (when done correctly). Interesting.
Brian
--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
brian@hotwired.com brian@hyperreal.com http://www.hotwired.com/Staff/brian/