httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Erenkrantz <jus...@erenkrantz.com>
Subject Re: mod_access vs mod_authz_host
Date Wed, 09 Nov 2005 17:28:38 GMT
--On November 8, 2005 7:21:54 PM -0500 Geoffrey Young 
<geoff@modperlcookbook.org> wrote:

> you really think so?  I think it's mistakenly given an authz namespace,
> giving users the impression it steps in after authentication, or does
> something else specifically based on r->user.  at least any users who have
> bothered to wrap their heads around the entire aaa idiom and phase
> separations.

It runs with the access_checker/auth_checker hook.  Which is an authorization 
hook.  (So, yes, this implies that I think the access_checker/auth_checker 
split is off-kilter - they should really be the same, I think.)

But, I'll admit that mod_access_host isn't entirely bad.  However, it'd be 
really nice to re-do the second half of our auth system, but I worry that 
Sander's completely forgotten about his promises to do that.  =)  -- justin

Mime
View raw message