Hello. > We had some issues making the LDAP auth work with our LDAP setup, and > since we already have a mod_auth_ldap setup, I added a "trust" auth > method, which simply accepts the HTTP auth username. > > I'm not 100% sure this is the right way to code it, but it was the > easiest way without refactoring half the login code. Add the following > lines to the top of authenticate(): > > if (getConfigVar ('USER_AUTH_SRC') == 'trust' && isset > ($_SERVER['PHP_AUTH_USER'])) > return; Just to be sure: the intended behaviour is to accept any server-verified username regardless of its presence in the database? -- DO4-UANIC