httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Erenkrantz <>
Subject Re: Auth*Authoritative
Date Wed, 16 Nov 2005 16:40:37 GMT
On Tue, Nov 15, 2005 at 04:11:27PM -0700, Brad Nicholes wrote:
>   One other thing, the authorization type (valid-user, user, group,
> etc.) should be unique among all of the authorization modules.  In other
> words, only one authz module should be implementing valid-user not every
> module like in the 2.0 architecture.  This is the main reason why you
> now see the authz types like ldap-user, ldap-group, etc. implemented in
> mod_authnz_ldap rather than user and group all over again.  There are a
> couple of exceptions to this which are Group and File-Group implemented
> in both mod_authz_dbm and mod_authz_groupfile.  I looked into trying to
> fix this conflict only to find out that there is a reason for it and it
> works in this case (although still confusing).  Keeping the naming
> unique doesn't necessarily solve the ordering problem if you do
> something like

Huh.  I wonder if 'require' becomes the provider vector for
authorization?  That is, each module registers a 'require' function
provider that can then be invoked by an authorization module processing
the 'require' directive at request-time?  -- justin

View raw message