Hi,I'm not sure if this is at all possible, so correct me if I'm chasing a ghost... I'm in the following situation:
We have a system which already has an authentication mechanism (using cookies). We want to change this so that it uses mod_sspi, like this:
<Location />
AuthName "website name goes here"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
SSPIOfferBasic On
SSPIBasicPreferred Off
Require valid-user
</Location>
However, we also have automated scripts accessing the same server, and
we don't want to have to change them all, so we want the SSPI
authentication to be _optional_.
Unfortunately it appears that if I remove the "Require valid-user" line, the browser doesn't send the authentication credentials at all (doesn't even prompt the user).
Is it at all possible to have a system where the username/password box pops up in the browser, but if the user presses Cancel, the website is still viewable (in my case a PHP script which would then output the Access Denied message as appropriate)?
Thanks! Arne --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|