httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Axel Grossklaus ...@pre-secure.de>
Subject Re: interface of the 2.1 authentication framework / behaviour of mod_digest/mod_basic
Date Wed, 18 Feb 2004 13:40:10 GMT
André Malo wrote:

moin,

> I'd guess there's question what do you want to change when. In digest
> authentication the username is an integral part of the hashed data, so you
> cannot change it during the authentication stage.
> 
> Does that change anything in your proposal?

not really. i know that digest is going to be a bit tricky, but
it should be possible to make the changes without breaking
digest authentication.

i had a rough look over the digest sources and the proposed additional
level of indirection, together with some minor modifications
to mod_digest, should suffice.

i have not made really detailed plans on what needs to be
changed how.

as i said, the main reason of the first mail was to find out
if

a) changes to the current interface for authentication
   modules would be considered at all.

b) the proposed extra functionality would be considered
   useful in the apache code.

just to prevent investing a lot of work and then
being told "yeah, nice patch. unfortunately we will
not accept any changes to the authentication interface".

of course, i do not expect a definite "yes" or "no" at this point.
a "changes are not completely out of the question and if
we like your implementation we will consider adding it" would be
enough...



tty, axel

Mime
View raw message