Mod Perl help needed.

[Doug Balmer <do...@WGSN.com>]

I'm having trouble fiddling around with user authentication on a proxy
server.

This is the basic setup.
User requests a page => Apache proxy => MediaSurface
						 => NT site

Content is split between both MS & NT boxes and some content is public and
some is members (basic auth).

What we've found, by using a packet sniffer, that some browsers tend to send
auth headers when they are not required ie to a public page when they've
previously visited a members page. Mediasurface (a content management
system) doesn't like this. When it receives auth headers for a page which is
public, it returns 401. Our subscribers tend to get annoyed with continuous
password prompts.

What I would like to do is use a PerlHandler on the proxy box to either
strip the auth headers or write them to have 'Authorization: ' which works
with Mediasurface. I'm having trouble writing a handler which changes the
headers *and* still keeps to the ProxyPass settings. Can someone shed some
light and explain a few things to me?

I've tried ProxyPassing /public to http://user:pass@mediasurfacebox/public
where user:pass is a valid username to access both public and private.

Basically what I have so far inside a PerlAccessHandler is:
	$r = shift;
	my $request = $r->uri();
	if ($request =~ /\/public/) {
		$r->header_in('Authorization'=>' ');  <--- is this the
correct way to rewrite headers?
	}
	return OK;    <--- does this return to the client? or still pass
through?

Any help appreciated.
Doug