Re: [meeting] extra Action Item - 2004-04-20

On Wed, 2004-04-21 at 23:31, Terje Bless wrote:
> Ville Skyttä <> wrote:
> >I tried adding it (see /etc/apache2/conf.d/wlc.conf), but for some
> >reason it still does not seem to work, while in my local Apache2
> >(2.0.48, Fedora Core 1) that same hack works just fine.
> AFAIK, getting Apache to pass authentication info on to CGI space requires a
> compile-time option still;

If you are referring to the SECURITY_HOLE_PASS_AUTHORIZATION #define,
I'm pretty sure that distributors like Red Hat do not build their Apache
with it set...

I thought that the mod_rewrite hack deployed on v.w.o (and now at
qa-dev) should work everywhere.  It does here, anyway; and without the
hack, $ENV{HTTP_AUTHORIZATION} is never populated.

>  unless using the native Apache API (in which case
> you should be able to access it directly).

Yep, eg. under mod_perl one can do $r->header_in('Authorization').  This
is already done in checklink but it won't obviously work when it is run
as a ordinary CGI script.

Received on Wednesday, 21 April 2004 16:44:09 UTC