httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Roy T. Fielding" <field...@kiwi.ics.uci.edu>
Subject Re: module ordering in Configuration.tmpl
Date Thu, 12 Aug 1999 02:43:02 GMT
>Hmmm:
>> revision 1.120
>> date: 1999/08/09 06:25:24;  author: fielding;  state: Exp;  lines: +13 -12
>> Move mod_auth_digest to where it makes sense.  If there is a problem
>> with the ordering here, then we should move all the auth modules and
>> not just the latest one.
>
>Unfortunately there is a problem: mod_auth_digest must be listed
>*before* libproxy because because the WWW-Authenticate and
>Proxy-Authenticate headers are parsed in the post-read-request phase
>and it needs to know if this is a proxy request or not. With the
>current ordering, using Digest auth in a proxy setting will fail
>miserably.
>
>Is there any problem with moving any other auth module up (i.e. have
>them all do their processing *after* mod_proxy)?

Wouldn't this equally apply to the other forms of authentication?
Is it safe to move all of the auth modules above all of the URI
manipulation modules?  Maybe this is the source of other problems
that we haven't been able to fix before.

BTW, dependencies like that MUST be included in the comments for
Configuration, not left to trial and error.

....Roy

Mime
View raw message