This is a multi-part message in MIME format.
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Content-Type: message/rfc822;
name="Re: Auth - Auhtz module session?.eml"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="Re: Auth - Auhtz module session?.eml"

Message-ID: <>
Date: Tue, 29 Jan 2008 11:39:57 +0100
From: Ward Loockx
Organization: Besite
User-Agent: Thunderbird (X11/20071022)
MIME-Version: 1.0
To: John ORourke
Subject: Re: Auth - Auhtz module session?
References: <> <>
In-Reply-To: <>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

John ORourke wrote:
> Ward Loockx wrote:
>> I've written a ldap auth-authz module in mod_perl but when I give in
>> wrong username/pass I need to close my browser in order to get the
>> login screen again. When I try to refresh without closing I'm getting
>> the following message wich is obvious
>> Authorization Required

> First make sure you're returning the right response code - eg. if the
> password is wrong but you return a 2xx or 3xx to the browser instead
> of 401, the browser will think it's fine and just keep using the same
> credentials.
> Also get yourself a copy of the Web Developer's Toolbar for Firefox -
> it includes options to clear browser authentication, cache and cookies
> and lots of other very useful tools for mod_perl development.
> cheers
> John

I think i use the good error codes.

I use Const::HTTP_UNAUTHORIZED when it fails
and Const::OK when it's OK