httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Xavier MACHENAUD <xavier.machen...@st.com>
Subject Re: ability to restrict scope of require directive to a single module
Date Wed, 16 Oct 2002 06:47:08 GMT
Ooops!
I wanted to say I was NOT using authoritative mode!

In this case, I want to be able to restrict a require to only one auth module.

Xavier

john wrote:
> 
> >-- Original Message --
> >Reply-To: dev@httpd.apache.org
> >Date: Tue, 15 Oct 2002 18:27:18 +0200
> >From: Xavier MACHENAUD <xavier.machenaud@st.com>
> >To: dev@httpd.apache.org
> >Subject: ability to restrict scope of require directive to a single module
> Hi,
> >
> >I'm facing the following problem :
> >I'm using 2 auth modules in authoritative mode (if one fail, try the other
> >one).
> 
> This is your problem here.  if both are in authoritative mode, it means
> (in your words) : if one fail, DONT try the other one.  You need to load
> them both, and make the second one authoritative.  The problem here is twofold:
> 1) there is no way to order auth modules so if you're authoritative module
> happens to run first, the other modules will NEVER get a chance to try
> 2) if there is no 'authoritative' module and auth fails (i.e. all modules
> return declined) apache core returns INTERNAL SERVER ERROR..... instead
> of UNAUTHORIZED.
> 
> Until either one of the previous things change, the only workaround is to
> make the last auth module called the authoritative one.... that way both
> their authorize methods will get invoked.
> 
> sterling

Mime
View raw message