httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From c...@decus.org (Rodent of Unusual Size)
Subject Re: [STATUS] 1.3b1: Thu Sep 25 21:05:41 PDT 1997
Date Tue, 30 Sep 1997 15:58:14 GMT
>From the fingers of Marc Slemko flowed the following:
>
>On Sun, 28 Sep 1997, Marc Slemko wrote:
>
>> On Thu, 25 Sep 1997, Dean Gaudet wrote:
>> 
>> >     * Marc is having some auth problems
>> > 	Dean thinks these are related and probably his fault.  Hopes to
>> > 	work on it shortly.
>
>Grr.  The problem with "require user marcs" letting user joe in is caused
>by only the check_user_id handler being run and not the check_auth.  This
>is because mod_example was complied into the server, and it 
>returns OK for all requests in its example_auth_checker, so nothing works
>right.

    Unfortunately, at least one hook in this phase *has* to return OK,
    or the access will be denied.  I've been wrestling off-and-on with
    the ramifications od having it return DECLINED ever since someone
    reported it, to no conclusion.  I think I see potential pitfalls
    either way, but I've never been able to dedicate the necessary ten
    minutes to think it through completely.

    If you want to suggest that it should return DECLINED, I'll go
    along.. I kinda lean that way at the moment.

>While you can argue that it is just for testing and shouldn't be enabled,
>I think that having a module that demonstrates how to do things but causes
>such bogus behavior isn't good.  Sigh.

    *I* think it falls into the "give 'em rope" category (even if it's
    pre-knotted into a noose).  "It's my foot - I'll shoot it!  Even
    though there's a sign on it saying not to!"

    
>
>Note that this does _not_ fix my problems with proxy access restrictions
>not working.
>

Mime
View raw message