httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Erenkrantz <jus...@erenkrantz.com>
Subject Re: Multiple AAA providers
Date Wed, 02 Mar 2005 15:52:50 GMT
On Wed, Mar 02, 2005 at 04:10:35PM +0200, Graham Leggett wrote:
> The end goal is to simplify the providers so that you do not have to teach
> each one how to handle multiple sources. The problem with implementing
> multiple sources in one provider is that the end users assumes that the
> same is possible in other providers, and is surprised when they find out
> the hard way it's not.

I don't believe it would simplify anything other than mod_auth_ldap.

> To fill out the example of the "Auth" container to better illustrate what
> I mean, you might have this:

You could do this today with a RAW_ARGS for <LDAPAuth.  For each LDAPAuth
block, mod_authnz_ldap can register a new authn provider.

Once mod_authnz_ldap could do this for itself, we could review the
implementation to see if it would make sense generically.  Right now, I'm very
skeptical that it makes sense in a larger scale.

Additionally, I'm not willing to see us lose backwards compatibility either in
our auth config syntax.  So, the current non-container approach would have to
stay regardless.  -- justin

Mime
View raw message