httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John K. Sterling" <j...@sterls.com>
Subject RE: ability to restrict scope of require directive to a single module
Date Tue, 15 Oct 2002 18:25:01 GMT

>-- Original Message --
>Reply-To: dev@httpd.apache.org
>Date: Tue, 15 Oct 2002 18:27:18 +0200
>From: Xavier MACHENAUD <xavier.machenaud@st.com>
>To: dev@httpd.apache.org
>Subject: ability to restrict scope of require directive to a single module
Hi,
>
>I'm facing the following problem :
>I'm using 2 auth modules in authoritative mode (if one fail, try the other
>one).

This is your problem here.  if both are in authoritative mode, it means
(in your words) : if one fail, DONT try the other one.  You need to load
them both, and make the second one authoritative.  The problem here is twofold:
1) there is no way to order auth modules so if you're authoritative module
happens to run first, the other modules will NEVER get a chance to try
2) if there is no 'authoritative' module and auth fails (i.e. all modules
return declined) apache core returns INTERNAL SERVER ERROR..... instead
of UNAUTHORIZED.

Until either one of the previous things change, the only workaround is to
make the last auth module called the authoritative one.... that way both
their authorize methods will get invoked.

sterling




Mime
View raw message