diff -ru cosign-2.0.1.orig/filters/apache/mod_cosign.c cosign-2.0.1/filters/apache/mod_cosign.c
--- cosign-2.0.1.orig/filters/apache/mod_cosign.c	2006-06-01 15:39:50.000000000 +0100
+++ cosign-2.0.1/filters/apache/mod_cosign.c	2007-01-31 09:17:01.980900480 +0000
@@ -929,7 +929,7 @@
         "the URL to deliver bad news about POSTed data" },
 
         { "CosignService", set_cosign_service,
-        NULL, RSRC_CONF | ACCESS_CONF, TAKE1,
+        NULL, RSRC_CONF | OR_AUTHCFG, TAKE1,
         "the name of the cosign service" },
 
         { "CosignProtected", set_cosign_protect,
@@ -969,11 +969,11 @@
 	"\"never\", \"initial\", or \"always\"" },
 
 	{ "CosignSiteEntry", set_cosign_siteentry,
-	NULL, RSRC_CONF | ACCESS_CONF, TAKE1,
+	NULL, RSRC_CONF | OR_AUTHCFG, TAKE1,
 	"\"none\" or URL to redirect for users who successfully authenticate" },
 
 	{ "CosignRequireFactor", set_cosign_factor,
-	NULL, RSRC_CONF | ACCESS_CONF, RAW_ARGS,
+	NULL, RSRC_CONF | OR_AUTHCFG, RAW_ARGS,
 	"the authentication factors that must be satisfied" },
 
 	{ "CosignFactorSuffix", set_cosign_factorsuffix,
@@ -985,7 +985,7 @@
 	"on or off, on allows you to accept faux factors, off denies access" },
 
 	{ "CosignAllowPublicAccess", set_cosign_public,
-	NULL, RSRC_CONF | ACCESS_CONF, FLAG,
+	NULL, RSRC_CONF | OR_AUTHCFG, FLAG,
 	"make authentication optional for protected sites" },
 
         { "CosignHttpOnly", set_cosign_http,
diff -ru cosign-2.0.1.orig/filters/apache2/mod_cosign.c cosign-2.0.1/filters/apache2/mod_cosign.c
--- cosign-2.0.1.orig/filters/apache2/mod_cosign.c	2006-06-23 21:17:51.000000000 +0100
+++ cosign-2.0.1/filters/apache2/mod_cosign.c	2007-01-24 09:29:32.000000000 +0000
@@ -922,7 +922,7 @@
         "the URL to deliver bad news about POSTed data" ),
 
         AP_INIT_TAKE1( "CosignService", set_cosign_service,
-        NULL, RSRC_CONF | ACCESS_CONF, 
+        NULL, RSRC_CONF | OR_AUTHCFG, 
         "the name of the cosign service" ),
 
         AP_INIT_FLAG( "CosignProtected", set_cosign_protect,
@@ -962,11 +962,11 @@
         "\"never\", \"initial\", or \"always\"" ),
 
         AP_INIT_TAKE1( "CosignSiteEntry", set_cosign_siteentry,
-        NULL, RSRC_CONF | ACCESS_CONF, 
+        NULL, RSRC_CONF | OR_AUTHCFG, 
         "\"none\" or URL to redirect for users who successfully authenticate" ),
 
         AP_INIT_RAW_ARGS( "CosignRequireFactor", set_cosign_factor,
-        NULL, RSRC_CONF | ACCESS_CONF, 
+        NULL, RSRC_CONF | OR_AUTHCFG, 
         "the authentication factors that must be satisfied" ),
 
         AP_INIT_TAKE1( "CosignFactorSuffix", set_cosign_factorsuffix,
@@ -978,7 +978,7 @@
         "on or off, on allows you to accept faux factors, off denies access" ),
 
         AP_INIT_FLAG( "CosignAllowPublicAccess", set_cosign_public,
-        NULL, RSRC_CONF | ACCESS_CONF, 
+        NULL, RSRC_CONF | OR_AUTHCFG, 
         "make authentication optional for protected sites" ),
 
         AP_INIT_FLAG( "CosignHttpOnly", set_cosign_http,