httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brad Nicholes" <>
Subject Re: Execution of check_user_id and auth_checker for all requests in 2.3 vs. only those with AuthType
Date Thu, 02 Mar 2006 22:30:51 GMT
> {>>> On 3/2/2006 at 9:23:45 am, in message <>,

> wrote:
> In httpd-2.2, the check_user_id and auth_checker hooks are only
>for requests to which both an AuthType and at least one Require
>directive apply.
>In httpd-2.3, the check_user_id and auth_checker hooks run
>I'm seeking confirmation that the above is an intentional design
>If it is, perhaps someone could add the text of the first two
>of this email to the "Module Developer Changes" section of

  Yes that is true but it is much more that just how the hooks are
being called.  Both authentication in 2.2 and authorization in 2.3 have
been transformed into a provider based model.  That doesn't mean that
you can't still register for the hooks, but what it does mean is that in
order to follow the new authnz model and to take advantage of what it
offers, auth modules should be registering themselves as providers
instead.  If auth modules use the provider based mechanisms, they don't
have to worry about when or how the hooks are called.


View raw message