Hello, > On 02 Mar 2016, at 21:26, A. Warnier <a...@ice-sa.com> wrote: > >> $o_Req->note_basic_auth_failure(); >> $o_Req->headers_out->set('WWW-Authenticate' => "Basic"); >> $o_Req->headers_out->set('Realm' => "Login"); > > I believe that the above is supposed to be a single HTTP header, not 2 : > > WWW-Authenticate: Basic realm="Login”
This makes no difference for my problem. > Another thing : above, you call your code "program". At what stage of the > Apache request cycle are you calling this code ? is this a Response handler, > a PerlAuthenHandler, a cgi-bin script ? This code snippet is part of a PerlResponseHandle. I cannot use it as part of a PerlAuthenHandler. When I would run it as a PerlAuthenHandler the user would always need to enter a password. This is my scenario: I am programming a CMS with on demand publishing. If a user requests a URL it is unknown at the time of calling if the requested resource is public or if it is protected via a password. If my program decides that a password is required I would like to answer with a 401 response forcing the browser to ask a password. I can send the 401 response, but the browser never opens the dialog box for requesting a password. Best regards Matthias Schmitt