Hello I want to have some access control lists(acl) based on the content of the request body. for example I need to block some requests which have a special value in a field of a form which is submitted via http POST. external_acl_type directive does not have any format string to redirect whole request body to an external helper(authenticator). It just can redirect request header not request body. Any idea? Many thanks for your help Salman
