More Secure Sub-directory

Cantor, Scott cantor.2 at
Fri Jan 27 01:22:46 GMT 2012

On 1/26/12 8:17 PM, "Aaron Roots" <aaron.roots at> wrote:
>The latter xml rules was the only way we could provide users with
>authentication control directly themselves and also have access to use
>mod_rewrite. Have not had any other issues reported - so maybe we do not
>use the other things that may cause problems as well

I wasn't referring to other features one might use, but just saying that
if you take Shibboleth out of the equation and substitute something like
mod_auth_ldap or kerb or just vanilla mod_auth, you have the same problem
with combining require valid-user and something else in that particular
mode. It seems like something people would need to do, and hard to believe
Apache gets it that wrong.

-- Scott

More information about the users mailing list