httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Erenkrantz <jus...@erenkrantz.com>
Subject Re: What do you want in HTTPD 2.4/3.0/X/GREEN?
Date Sat, 03 Dec 2005 21:13:52 GMT
--On December 3, 2005 8:52:38 PM +0000 Colm MacCarthaigh <colm@stdlib.net> 
wrote:

>   * A threaded MPM to become the default: I would like mod_cgid

How about making the MPMs DSOable?

>   * Build upon the aaa framework to do some more useful things. Two
>     in particular I'd like, but they are awkward and contentious.
>     First, is that we have a lot of third-party providers coming up
>     with ways of storing state for authentication via http. Most
>     often via cookies, but sometimes via url-encoded session ID's
>     and so on. It's messy and ugly, but ignoring the reality of
>     One-Time Passwords isn't good either, so it might be justifiable
>     to come with a framework for a united approach. Making say
>     mod_authnz_secureid only a small bit of work.
>
>     The other thing I think is missing from the aaa framework is
>     a way for an admin to mandate that aaa happen over an encrypted
>     session only. Some magic directive that doesn't extend into
>     per-dir/htaccess land that helps them out a little in making
>     sure that https is being used.

Huh.  Cool.  I'd like to hear more about this...  -- justin

Mime
View raw message