On Apr 8, 2016, at 10:13 AM, Süleyman Kuran <skuran@ayk.gov.tr> wrote:
apache is not asking for username/password after 1 failed radius auth attempt. After 1 failed auth, Unauthorized page appears and if I refresh the page (F5) previous failed credentials are sent to the radius server without popping up a window asking for username/password. If login is OK the page is authorized. But if not, the user will have to wait for the popup window until the session is timed out.
There's not much I can say to that, unfortunately. It's *supposed* to work, but Apache changed their API so often that I just gave up trying to maintain the module.
if apache is configured for basic auth with htpasswd file. It asks for the password after failed login as expected.
Nothing is logged in apache error log.
Nothing useful is ever logged into the Apache error log. :(
Is anybody having an idea about whats going on?
My guess is that the web browser isn't deleting the bad name / password like it's supposed to. Does it work with another browser? Alan DeKok.