httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Graham Leggett" <minf...@sharp.fm>
Subject Re: Multiple AAA providers
Date Wed, 02 Mar 2005 12:48:24 GMT
Geoffrey Young said:

> I think we just need another status besides
>
> typedef enum {
>     AUTH_DENIED,
>     AUTH_GRANTED,
>     AUTH_USER_FOUND,
>     AUTH_USER_NOT_FOUND,
>     AUTH_GENERAL_ERROR
> } authn_status
>
> something like AUTH_DECLINED, which would mean that the current provider
> is
> passing on doing the checking.  code that into the provider loop and
> you're
> done.

This solves the problem for multiple providers, but the problem isn't
solved for where the same provider is used twice, for example:

- If user is present in file A or file B
- If user is present in directory A or directory B

There are two options to this:

- Teach each provider how to handle multiple instances of itself (sounds
like too much duplication)
- Introduce a concept like this:

<Auth ldap-provider-A>
  # LDAP stuff for LDAP server A
</Auth>
<Auth ldap-provider-B>
  # LDAP stuff for LDAP server B
</Auth>

AuthBasicProvider ldap-provider-A ldap-provider-B

Regards,
Graham
--


Mime
View raw message