> well, this is the case for HTTP. :)
> > > Well I am using a non-HTTP protocol (implemented with the > multiprotocol capability of Apache2) where client and server > negotiate on an auth mechanism (e.g. CRAM-MD5 or CRAM-SHA1). > > These auth mechanisms are implemented in auth handlers which > are invoked via "$r->run_check_user_id()". > > The auth data (digest) sent by the client are available to the > protocol handler in the first place and has to be passed to > the auth handlers to be verified. Now I am looking for a > "canonical place" to put the digest data in. I suppose $r->notes is as good a place as any, then. but I guess I find it a bit odd that there is a "request" in a true protocol handler. but I don't really fully understand the whole protocol handler yet, so I guess it's ok :) --Geoff