httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: httpd-2.0 and Auth*Authoritative
Date Mon, 22 Jul 2002 02:35:44 GMT
On Mon, 22 Jul 2002, [ISO-8859-1] André Malo wrote:

> Hi,
> 'AuthAuthoritative off' and related give the possibility to put some
> auth modules into a chain. But it seems that this directive is not very
> useful in conjunction with the 2.0 API.

AuthAuthoritative is really just a way to tell mod_auth to return DECLINED
instead of UNAUTHORIZED (or visa versa) to allow other modules who HAPPEN
to be loaded after mod_auth to be called as well in the case mod_auth
either cannot, or does not, authorize the user.

This is, as you imply, really not very useful since modules are ordered at
compile time - so you cannot determine the order of the modules at run
time.  There has been a lot of bantering about 'better' ways of doing this
- and suggestions are welcome.

I have often spoke of having a per directory/location ordering of auth
handleres.  This would allow you to load a bunch of auth handler modules,
then in a given directory elect which ones are run, and what order they
run in (and the last one would be assumed authoritatve perhaps).


View raw message