Received: by taz.hyperreal.com (8.6.12/8.6.5) id NAA04063; Wed, 17 Jul 1996 13:49:50 -0700 Received: from sierra.zyzzyva.com by taz.hyperreal.com (8.6.12/8.6.5) with ESMTP id NAA04055; Wed, 17 Jul 1996 13:49:44 -0700 Received: from zyzzyva.com (localhost [127.0.0.1]) by sierra.zyzzyva.com (8.7.5/8.6.11) with ESMTP id PAA10778 for ; Wed, 17 Jul 1996 15:49:45 -0500 (CDT) Message-Id: <199607172049.PAA10778@sierra.zyzzyva.com> To: new-httpd@hyperreal.com Subject: Re: Authentication API In-reply-to: rasmus's message of Wed, 17 Jul 1996 16:24:09 -0400. X-uri: http://www.zyzzyva.com/ Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 17 Jul 1996 15:49:44 -0500 From: Randy Terbush Sender: owner-new-httpd@apache.org Precedence: bulk Reply-To: new-httpd@hyperreal.com > > However, it seems to me that if this is what you're trying to do, > > it's better engineering to try to find an approach which is not limited > > to authentication and access control --- mod_mime and mod_dirs can be > > reconfigured per-directory as well, and they might as well be approachable > > through the same interface. > > And a bunch of other modules that are floating about out there are also > configurable on a per directory basis. I think a completely general > case would be a good idea. Limiting the configurability to just a few > known modules will just frustrate everyone. > > > This would require something like mod_info to tell the reconfigurer > > what commands are allowed by the server as currently configured. so it > > could parse what it had written. However, it doesn't get into issues > > of trying to unparse the modules' private internal data structures. > > > > What's tough about parsing the modules' private internal data > > structures is that the are private --- by deliberate choice, I decided > > to make them private, meaning that no one else is supposed to be > > looking at that stuff, or tweaking it...). > > My first shot at writing mod_info was to try to walk through the currently > loaded internal configurations of all modules. This proved to be impossible > both because I couldn't actually get at all the data, and also because the > configurations could change on a per-directory basis. I would have had to > choose a directory and see what the different configurations were in that > particular case. Instead, I made it parse the startup configuration files > and only report on those. Taking mod_info and making it parse .htaccess > files in individual directories would be trivial. The hard part would > be writing the code to allow you to edit and write back changes. > > -Rasmus Actually, I think I have a good part of the editing/interface code written. My frustration has been getting at the data. The other issue I am trying to address is authenticating access to the config info. Not everyone on the server should have access to all of the config data.