Environment:
Platform- linux
Apache version- 2.2
Modules enabled- deflate dir autoindex env mime negotiation custom_module reqtimeout setenvif
As you can see, both auth and authz are disabled completely. httpd.conf and apache2.conf files reflect the same. In handling some proprietary authentication protocol in my custom_module, I do return 401 status code along with a custom entity which goes thro' fine to the client. But when I send a second 401 status return (required by my own auth protocol) along with a custom entity, client do get the 401 status but a different entity below which I don't send:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>401 Authorization Required</title></head><body><h1>Authorization Required</h1><p>This server could not verify that youare authorized to access the documentrequested. Either you supplied the wrongcredentials (e.g., bad password), or yourbrowser doesn't understand how to supplythe credentials required.</p></body></html>
The entity I put doesn't get sent out the client but the above. I've not defined any
ErrorDocument directive with the above message. Any clues?
