On 01/26/2011 06:52 PM, Rich Bowen wrote:
On Jan 26, 2011, at 10:52 AM, J.Lance Wilkinson wrote:
I have a developer who's using Apache 1.3.9 (supplied as Oracle HTTP server within Oracle
Application Express) and needs to SUPPRESS his default authentication (mod_cosign from
weblogin.org) when the user's QUERY_STRING contains the string ":25:".
Otherwise he wants to continue to enforce his
authentication.
Thoughts?
My first thought is "Holy cow, 1.3.9 was released in August 1999. Why the heck are
you using *that* dinosaur."
Closely followed by, no, that's probably not possible, and especially not in
something that ancient.
If you're stuck with that apache version due to oracle, you might be
able to pull that off by having an apache 2.2 with mod_rewrite &
mod_proxy in front of your current server, and do your
authentication/bypassing there. However, if your server is publicly
accessible, i'd look far and wide for a different "bypass" mechanism
(rather, no bypass at all).
/Björn
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
