httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mladen Turk" <mt...@mappingsoft.com>
Subject [SUGGESTION] mod_auth_xxxx API
Date Mon, 24 Sep 2001 19:36:28 GMT

Well, there is a module called mod_auth_any and basically that's what I'm
talking about, but I'm offering another approach.

Almost all auth modules currently in the core distribution has a lots in
common so I'm suggesting the following:

1. make a generic auth module that will have a dso interface to
username/password/group feeding.
2. add the 'AuthInterface DB /path/to/auth_db.so' to server config (use hash
table lo load multiple interfaces)
3. load the following functions from that interface dll(auth_db.so)
"Interface functions":
	a. ApacheAuthInitialize()
	b. ApacheAuthTerminate()
	c. ApacheAuthDatabase(flat-file or DSN or whatever);
	d. ApacheAuthVerifyUser(username, password)
	e. ApacheAuthVerifyGroup(groupname)
4. add the 'AuthInterfaceUse DB' to dir-config
5. use config directives like using standard htasscess file.
6. make auth_file.so, auth_db.so, auth_dbm.so

So what I'm suggesting is that we get rid of mod_auth, mod_autdb,
mod_authdbm and possibly others and make a Authorization module API instead
of writing and maintaining modules for different database file access
methods, and make tree separate interface modules one for flat-files, one
for db and one for dbm.
Using that API one could easily write a 'glue' interface to whatever
authorisation he wants, but if specific authorization is required like ldap
the old way still works.

Do you thing that this makes sense?
I would like to get into if there will be no vetoes.

MT.


Mime
View raw message