httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brad Nicholes" <BNICHO...@novell.com>
Subject Re: Multiple AAA providers
Date Wed, 02 Mar 2005 20:41:12 GMT
Actually I think I like Justin's idea best.  That way you can actually
define one provider profile and then reuse it wherever needed just by
referencing the provider.  This would avoid duplication of auth
directives if you have multiple secure locations or virtual hosts.  If
this were implemented within auth_basic, all of the sudden we have a
provider profile scheme that extends to all auth modules.  It don't
think it will come for free though.  All auth modules will have to be
updated to a certain extent.

Brad 

>>> wrowe@rowe-clan.net Wednesday, March 02, 2005 1:07:36 PM >>>
At 01:36 PM 3/2/2005, Brad Nicholes wrote:
>Although I agree that this would probably be the best way to go, I
don't
>think it will be that simple.  Authnz_ldap stores the LDAPurl and
other
>information (bind user id, bind password, certs, etc) in a per-Dir
>structure.  At the very least, authnz_ldap would have to be taught
how
>to store multiple configurations per-dir.  Other auth modules may
have
>the same structure.

No - simply create a per-dir config, and use dirconfig to represent;

>  <AuthConfig>
>      AuthFile users1
>  </AuthConfig>

This would give us the best of both worlds.  It's no different from
the use of Location, Directory, and File per-dir blocks.

Bill


Mime
View raw message