apache + mod_auth_shadow
 

i would to ask this...

i have apache 2.0.47 and i want to allow my users to have a personal web page ( hp:/www/~username). i have setuped mod_userdir and everything is working fine. I also settuped mod_dav. the thing i want is a way that every user can login using mod_auth and dav, but with his/hers password from shadow file. I did that, but there is a prob, while logging to an account using someone elses username/pass.

eg: i have lets say, albertos and thomas.

/home/albertos/www --> for albertos
/home/thomas/www --> for thomas.

if i type in (using web folders) htp://www/~albertos and i use log/pass for thomas, then thomas can see albertos dir.

is there a way to extract the username from url, and require that user with mod_auth_shadow?

thanks in advance for any answer.