httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brad Nicholes" <bnicho...@novell.com>
Subject Re: authn, authz and access. oh my.
Date Fri, 04 Nov 2005 14:49:40 GMT

>>> On 11/3/2005 at 10:38 pm, in message <436AF3E8.2020601@bfoz.net>,
bfoz@bfoz.net 
wrote:
> As if the old system wasn't hard enough to wrap one's head around.
Just when 
> I had it figured out enough to go and write mod_auth_userdir you guys
go and 
> change things on me.
> 
> BTW, when did this change? I've been lurking on this list since July
and 
> have only recently heard about this. Was it a secret or did I miss
it?

   The authentication module refactoring actually took place about two
years ago.  The problem is that it is new functionality that is not
necessarily backward compatible so it had to wait for Apache 2.2.  But
it has been available for testing and evaluating for quite a while.


> 
> Also...I was originally toying with the idea of folding auth[n|z|?]
stuff 
> into mod_dav_userdir, just to have it all taken care of in one place.
Any 
> thoughts on that idea? Feasible? Bad news?

   I actually did this with mod_authnz_ldap mainly because there was
too much information and resources that would have had to be shared or
reconstructed between the two modules.  The upside is that unless you
have a need to implement some special type of authorization, you can rip
all of the authorization stage from your module and rely on the existing
authz modules.  Then all you really need to worry about is what your
module needs to do for authentication (authn).  The other good news is
that there is plenty of example code.

Brad

Mime
View raw message