httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rose, Billy" <>
Subject RE: mod_auth_referer
Date Wed, 01 May 2002 20:35:54 GMT
I would be honored to support this as a third party module. I hope my
intentions were not seen as an attack on the group, but rather as positive
feedback from a user/developer. In light of all this, could I get some input
on the code itself (flames welcomed also)? My first move is to put the
directives into <Directory>s rather than having (just?) the server globals.
What can I do about the "need AuthType" log entries? Only Basic and Digest
are supported I find from "server/protocol.c".

Billy Rose

> -----Original Message-----
> From: Joshua Slive []
> Sent: Wednesday, May 01, 2002 3:23 PM
> To: ''
> Subject: RE: mod_auth_referer
> On Wed, 1 May 2002, Rose, Billy wrote:
> > Therein lies the beauty of the configure script. IMHO an 
> (average) admin
> > would rather add a few simple readable directives as 
> opposed to learning a
> > pseudo programming technique in the config file. Not all 
> admins are power
> > users, but rather some poor sap that got voted to do the 
> job because nobody
> > else has the time, and he/she has to cram to learn the 
> ins-and-outs of
> > Apache. Usually they don't even know the proper way to 
> start the server, and
> > have to read through the docs to get that far. That is the 
> primary reason
> > IIS took so well to the web world. Just click-click-click 
> and the average
> > Joe has a site up and running in seconds. Add a few simple 
> directives that
> > everyone can read and know what they mean, and those admins 
> with less
> > experience can be up in minutes. The configure options 
> allows them to
> > include only those options (directives) they want. The 
> SetEnvIf option is
> > still there for the power users so they can tweak the 
> server until it talks
> > to them in their dreams.
> There certainly is some truth to your argument.  (Not the IIS 
> part; that's
> bull**** - but the ease of use and simplicity argument in 
> general.)  It is
> the same reason we still have mod_alias, rather than just saying
> "mod_rewrite can do all that" (which was an argument made at one point
> many years ago).  But the fact is, there are already two 
> perfectly good
> ways to accomplish what you want: mod_rewrite or 
> mod_setenvif+mod_access.
> I can't see how adding a third will add significant value to 
> the server.
> What it will add is more code to maintain.
> I would, of course, love to see it maintained as a third 
> party module.  I
> wish we had a better system for those.  What's going on with
> anyway?
> Joshua.

View raw message