Bug 64481 - [mod_auth_form] Incorrect documentation example of inline form
Summary: [mod_auth_form] Incorrect documentation example of inline form
Status: NEW
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: Documentation (show other bugs)
Version: 2.5-HEAD
Hardware: PC Mac OS X 10.1
: P2 normal (vote)
Target Milestone: ---
Assignee: HTTP Server Documentation List
Depends on:
Reported: 2020-05-29 13:50 UTC by Brian Candler
Modified: 2020-05-29 13:50 UTC (History)
0 users


Note You need to log in before you can comment on or make changes to this bug.
Description Brian Candler 2020-05-29 13:50:42 UTC
At these URLs
they give the following example:

(Basic inline example)
AuthFormProvider file
ErrorDocument 401 "/login.shtml"
AuthUserFile "conf/passwd"
AuthType form
AuthName /admin
AuthFormLoginRequiredLocation "http://example.com/login.html"  <<<< NOTE
Session On
SessionCookieName session path=/

Based on testing, the AuthFormLoginRequiredLocation line needs to be removed.  That is also consistent with the previous description which says:

"If a non-authenticated user attempts to access a page protected by mod_auth_form <<<that isn't configured with a AuthFormLoginRequiredLocation directive>>>, a HTTP_UNAUTHORIZED status code is returned to the browser indicating to the user that they are not authorized to view the page."

(<<< emphasis mine >>>)