httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Max Bowsher <ma...@ukf.net>
Subject Suggest renaming mod_authz_host to mod_access_host
Date Thu, 24 Nov 2005 20:50:35 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I would like to put the case for renaming mod_authz_host to mod_access_host.

There is a small but significant division between:

access control:
  is this request permitted, based on where it is being made from

and

authorization:
  is this request permitted, based on who is making it.


This division is modelled by the separate access_checker/auth_checker
hooks, but it is also user-visible, through the Satisfy Any|All directive.

For a server administrator to properly understand the Satisfy
directive's behaviour, they need to understand this division. For all
access and authz modules to share mod_authz_ names, is misleading, and
hinders user understanding of this point.

Therefore, I think it would be best for mod_authz_host to be renamed
mod_access_host.

The previous thread on this topic, titled "mod_access vs mod_authz_host"
in http://mail-archives.apache.org/mod_mbox/httpd-dev/200511.mbox/browser
seemed to be heading in this direction, but seems to have died out
without any action being taken, so I am reviving this discussion, hoping
to get this resolved before GA happens.


Max.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Cygwin)

iD8DBQFDhiebfFNSmcDyxYARAtXnAJ9HsztbY3xGq17PXwryYVvdwSQsEwCfTaLi
oxlzY7ESShhdBM9Y3GVVj5g=
=6bdq
-----END PGP SIGNATURE-----

Mime
View raw message