[sending back to the list] On 10/13/05, Martin Knoblauch <spamtrap@xxxxxxxxxxxx> wrote: > hmm. Not sure that this will help. The 401 ErrorDocument is only > displayed, when I finally press the "cancel" button on the login > pop-up. I can do an infinite number of failed logins before without > getting the ErrorDocument displayed. No, in fact, the ErrorDocument is delivered to the browser immediately. It is the browser that looks at it, observes the 401 error code, and displays a password prompt rather than the document itself. So by sending a code other than 401, you will prevent the prompt. By the way, this whole discussion is premised on the assumption that your original use of FakeBasicAuth is correct. I wouldn't be at all surprised if there was a better way of enforcing certificate use to prevent this whole problem. But I don't have enough ssl knowledge to say. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|