httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew <and...@aaaaaaaa.demon.co.uk>
Subject Re: [Fwd: "Satisfy" directory protection]
Date Thu, 07 Mar 1996 15:30:07 GMT
> Hmmmm... if I understand what "satisfy" does correctly, it could
> be handled by modifying the code in http_request.c which invokes
> the auth and access control checks, to allow successful completion
> of *either* phase to allow the request to proceed, rather than
> requiring both (conditionally on a new core per-directory config
> field, of course).  As Mark has pointed out, it cannot be done
> in a module.

Mmm, I think it can.  However it'd require two modules to share
information on the success/failure of phases of the request.

A rethink of 'access' and 'authentication' modules, which combines
their gate-keeper faculties into a single module (with sub-modules
to implement authentication in a chosen way, flatfile/dbm/sql)
might be the way to go.  But then that *is* just like hacking the
core.

> rst

Ay.


Mime
View raw message