Question: apache 1.3.x. apache basic auth (over SSL) involving many users and groups. Alice's group gets access to /x and /y, but Bob's group only gets access to /x. When Bob tries to access /x, Bob gets a username/password prompt. Bob types in his username and password, and all is good. But if Bob tries to go to /y, he gets a username and password prompt again and again. This is presumably because apache knows Bob isn't supposed to have access to /y, so it sends a 401 error, and the browser prompts for another username and password in the hope that Bob has another login that will work. Of course, this confuses Bob to no end. So what I would like is for Bob's access attempts to /y to result in a 403 instead of a 401. In more concrete terms, if the browser presents username/password credentials to a resource, and those credentials are valid credentials but are not allowed access to this particular resource, the access should result in a 403, or similar, instead of a 401. Is this possible? A google search didn't turn up anything useful. Probably not imaginitive enough in search terms; someone else has to have had this problem before. Thanks! - Morty --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|