keyword 'skip' in access rules, to skip access control
For better performance, you may want to protect only meaningful contents, and not dummy contents or static files as images and css.
Configuring access control only on some specific urls may be done in apache config, with 'Location' and 'LocationMatch' directives, but it's not easy to use. For example, if you want to control access to all urls except /images/ and /static/css/, you must write
<LocationMatch "(?!\/(images|static\/css)\/)">
PerlHeaderParserHandler Lemonldap::NG::Handler
</LocationMatch>
Besides, lemonldap-ng cookies are not removed from the unprotected requests, so they may be catched by remote apps. Of course it can be done with 'Header delete Cookies', but then it removes all cookies.
I would like to add possibility to tell Lemonldap::NG Handler to skip access control, but just remove cookies, by adding a keyword 'skip' in access rules.