Funky problem w/ mod_fastcgi and Apache 1.2 - authentication

Alan Sparks (asparks@nss.harris.com)
Fri, 13 Dec 1996 10:58:41 -0800

Message-Id: <01BBE8E4.9A9EB360@a16186.nss.harris.com>
From: Alan Sparks <asparks@nss.harris.com>
To: "fastcgi-developers@OpenMarket.com"
Subject: Funky problem w/ mod_fastcgi and Apache 1.2 - authentication
Date: Fri, 13 Dec 1996 10:58:41 -0800

I've found a really weird problem using the mod_fastcgi modules (OM's =
and Apache's) when the FCGI app is inside of an authenticated region.  =
This appears to be more of an Apache problem than anything (I've sent =
the problem to the Apache Group).  But if you want to use Apache 1.2 =
with Satisfy and FCGI, watch for this:

If I try something like:

Alias /fcgi-bin/ /usr/local/httpd/fcgi-bin/
<Location /fcgi-bin/tiny-perl-fcgi>
  ForceType fastcgi-script
</Location>

... AppClass for tiny-perl-fcgi goes in here...

<Directory /usr/local/httpd/fcgi-bin>
  AuthType Basic
  Satisfy Any
  AuthName foobar
  order deny,allow
  deny from all
  allow from .mycompany.com
  AuthUserFile /usr/local/httpd/htpasswd
  require valid-user
</Directory>

THEN:
accessing /fcgi-bin/tiny-perl-fcgi is responded to with a request for =
authentication.  Accessing other (non FCGI) files under /fcgi-bin are =
not challenged.  Only the FCGI app is incorrectly restricted.

Just FYI, haven't yet a clue what's happening (other than it appears =
that the newly-added Satisfy directive has an odd interaction with the =
fastcgi module).  Stopped my migration to Apache 1.2.