On Mon, Aug 11, 2008 at 11:56, mdn teo <mdnteo@xxxxxxxxx> wrote: > But how can I force to skip login retries? > I tried to set a custom 401 error page, redirecting to another page, but it > redirects just after the "n" login attempts. > I'd like to find a way to force the redirect to another page after the first > failed login for all browsers. You can't do this easily, because of the way http authentication works. Basically a browser will always first request a password protected page without authentication details, and your server must always react to that with a 401. (or the user won't get a chance to authenticate) When a browser gets a 401 response it will prompt the user for a username and password, and retry the request, this time with an authentication header added. This for a number of times, set in the browser. What you want, is for your server to serve a 403 when a request comes in for a page with an authentication header already set, but with the wrong authentication data in the header. I don't think you can do this in an easy way, as apache itself will reply with a 401 as soon as authentication fails. the only possible solution I see is to program a custom authentication module (possibly in Perl) Krist -- krist.vanbesien@xxxxxxxxx krist@xxxxxxxxxxxxx Bremgarten b. Bern, Switzerland -- A: It reverses the normal flow of conversation. Q: What's wrong with top-posting? A: Top-posting. Q: What's the biggest scourge on plain text email discussions? --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|