Thank you so much for the insight. Your thoughts are very
valuable. I'll be digging into the CookieAuth module to see what I can
see. After I look at it just a bit, it may be that I can just use
CookieAuth as it is, or with minor tweaks and a big authentication
routine. It would deny authentication
> authenticating a user and granting the resource.
>
> I think that trying to do this by playing with the "realm", which is
> intimately linked to the URL requested by the browser, is going to lead you
> into loops of logic.
>
>
>
> Matt Puumala wrote:
>> [ snip ]
Greetings!
I am trying to make a two-factor authentication module, built on
AuthType Basic. (google for Perfect Paper Passwords for the scheme I'm
using). To make it work, I need to be able to prompt the user to type
in two passwords sequentially.
So, the user comes to the page, apache sends "40
