Apache authentication: Redirect on failure, reliably?

Question

I\'ve set my ErrorDocument 401 to point to my website\'s account creation page, but not all browsers seem to honor this redirect (Safari).

Also, other browsers (Fire

Answer 1

The simple answer to your question is no, you can't make this more reliable without implementing custom authentication.

The only way that Firefox and Chrome will display page that you specified in the ErrorDocument 401 directive is if you click cancel button. Also, there is no redirect sent with the 401 HTTP code; rather, it is a content of the document specified with ErrorDocument 401 directive. You can do redirect using HTML meta tag:

    AuthUserFile /path/to/users
    AuthName "This is protected area"
    AuthGroupFile /dev/null
    AuthType Basic
    Require valid-user

    #ErrorDocument 401 /register.html
    ErrorDocument 401 ""

Possible solutions to your problem are to create custom basic HTTP authentication module or to use language like php that supports basic HTTP authentication hooks

http://php.net/manual/en/features.http-auth.php