httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rodent of Unusual Size <Ken.C...@Golux.Com>
Subject Re: mod_auth again
Date Sun, 19 Aug 2001 23:51:08 GMT
"Ian Kallen " wrote:
> 
> Oooh boy, I think this stuff is a mess (or if it's neater than my
> perception of it, I need to get it clarified for myself :)

Yes, it is very messy.  I have a massively cleaned-up version
in my head, but..

> It is my opinion that if AuthUserFile is not specified mod_auth
> should decline; I'm indicating that I don't want mod_auth to have
> any say in the authentication for this resource.

If it is also labelled as authoritative, you have a conflict.
I would prefer to resolve that conflict away from a 500 error
visible to the user, although that is certainly defensible -- it
*is* a config error.

It would be nice if these handlers were passed a flag about
forced authoritativeness -- the last module called should be
considered authoritative even if the config does not expressly
say so.

And if there is a config error, the module that knows what it is
should be the one to log the message, rather than the core
guessing about it.
-- 
#ken	P-)}

Ken Coar, Sanagendamgagwedweinini  http://Golux.Com/coar/
Author, developer, opinionist      http://Apache-Server.Com/

"All right everyone!  Step away from the glowing hamburger!"

Mime
View raw message