httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Behlendorf <br...@organic.com>
Subject Re: 1.1b5 access.conf
Date Tue, 02 Jul 1996 06:10:55 GMT
On Mon, 1 Jul 1996, Alexei Kosut wrote:
> On Mon, 1 Jul 1996, Nathan Neulinger wrote:
> 
> > This brings up something that has been bugging me for quite some time...
> > Having to worry about adding new <Limit> options every time we add support
> > for a new method... And having to list them all out.
> > 
> > I personally would REALLY like to be able to do this:
> > 
> > <Limit>
> >         whatever
> > </Limit>
> > 
> > Which would limit EVERYTHING. Since that is almost always what I do anyway.
> 
> Correct me if I'm wrong, but if you use the auth/access commands outside
> of a <Limit>, they should apply to everything. At least, I think that's
> what RST said, and I think I've successfully done that.

Holy smokes.  Why didn't I think of that?  Sheesh.  Yes yes yes.  We
should change access.conf to remove references to <Limit>, and <Limit>
should be documented as "use this *only* when you want a particular set of
access control directives to apply to a particular set of methods".  

It begs the question of whether something like this is legal:

<Directory /blah>
....
<Limit GET HEAD>
require group anyone
</Limit>
<Limit POST PUT>
require group admin
</Limit>
</Directory>

	Brian

--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
brian@organic.com  www.apache.org  hyperreal.com  http://www.organic.com/JOBS


Mime
View raw message