Re: mod_proxy/3605: Some anonymous FTP URLs ask for authentication

[ma...@apache.org]

[In order for any reply to be added to the PR database, ]
[you need to include <ap...@Apache.Org> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]
[If you do not include this Cc, your reply may be ig-   ]
[nored unless you are responding to an explicit request ]
[from a developer.                                      ]
[Reply only with text; DO NOT SEND ATTACHMENTS!         ]


Synopsis: Some anonymous FTP URLs ask for authentication

State-Changed-From-To: open-suspended
State-Changed-By: martin
State-Changed-When: Wed Apr 28 07:11:03 PDT 1999
State-Changed-Why:
Some notes on your PR:

If the dialog pops up in the same directory, then probably
logins were refused by the ftp server (too many ftp sessions
active?). When an (anonymous or previously specified 
user+password) login attempt fails, apache replies with the
401 Authenticate code.

When you change directories (towards the root dir), it's
often the browser which doesn't use the same auth info.

Apache ftp proxy doesn't "remember" anything.
It's the browser that remembers a session's user+pass
tuple for a given server.

When you start with ftp://user@host/ in the first place,
apache attempts to log in with the supplied user name,
but when the ftp server replies with a password prompt,
it can only (either try to use a default password or)
return the 401 Authorization Required response to
the browser. However, it cannot make the browser pop
up its password dialog with the username filled in
already. There's no protocol element in the
reply to supply such an initialization string.

#### Reason for SUSPEND state: ####
You say that the addition of mod_access and mod_auth
fixed your problem. If that is so then proxy_ftp should
be fixed to check for the presence of these modules.
The 401 reply should only be returned if mod_auth is
actually available.