Andrei Pelinescu-Onciul writes:
No, you need to send it by hand.
At least with ser auth_db, I would:
if (!www_authenticate(....)){
...
if ($digest_challenge != "")
append_to_reply("%$digest_challenge");
sl_reply("401", "Unauthorized");
}
can't do, because i don't want to call www_authenticate() at all, if
there is no Authorization header in the request. i just want to call
www_challenge() in such case.
P.S.: changing www_challenge() would be trivial, but
requires testing.
Only auth_send_reply() would need to be changed to use slb.send_reply()
and probably a module param. added to select between forced stateless
replies (lower processing) or auto replies.
i consider this a bug that should be fixed. please post the diff and
i'll test it.
-- juha