in reply to [OT] apache authentication default user?

you could limit the "require valid-user" to some methods only by putting it into a <limit> section:
<Limit POST>
  Require valid-user
</Limit>

[download]
This should prevent unauthenticated users from posting (if you make sure posting is only doable via POST and not via GET of course ;)
Or you could simply create a guest account (e.g. user guest with pw guest).

Update see http://httpd.apache.org/docs-2.0/mod/core.html#limit for more details
Update 2: mod_auth_anon could be of particular interrest for you

Replies are listed 'Best First'.
Re^2: [OT] apache authentication default user?
by Jaap (Curate) on Oct 24, 2004 at 21:25 UTC
    Hmm thanks... that helps. Here's a follow-up question: How do i override the 
    HTTP/1.1 200 OK

    [download]
    That apache sends? I want to send a 401.
[reply]
[d/l]
[reply]
[d/l]
        Ok i just can't fugure it out. Now i have this in my .htaccess: 
        AuthType Basic
AuthName "Formula Student Wiki"
AuthUserFile /home/formulas/.htpasswd
#Require valid-user

        [download]
        So no requiring a valid user. Now i have this in my code: 
        sub requestLogin
{
  if (($ENV{'REMOTE_USER'}) || ($ENV{'AUTH_USER'}))
  {
    message ('info', "Logged in.");
  }
  else
  {
    print <<EOF;
Status: 401 Authorization Required
WWW-Authenticate: Basic realm="Formula Student Wiki"
Connection: close
Content-type: text/plain

Login failed.
EOF
  }
}

        [download]
        Now my browser asks me for credentials 3 times, i enter them correctly but it still fails and i get the "Login Failed" message.

        Since it's asking 3 times, apache must be doing that so i don't see why it fails. If i uncomment the require valid-user, everything works.
[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom