httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brad Nicholes" <BNICHO...@novell.com>
Subject Re: svn commit: r427780 - in /httpd/httpd/trunk: docs/manual/mod/mod_authz_core.xml modules/aaa/mod_
Date Wed, 02 Aug 2006 21:47:30 GMT
>>> On 8/2/2006 at 3:39 PM, in message <44D11BA9.6060900@apache.org>, Ruediger
Pluem <rpluem@apache.org> wrote:

> 
> On 08/02/2006 11:00 PM, Brad Nicholes wrote:
> 
>> 
>> 
>> No, the default is to merge authz rules.  At least that is how I understood 
> access control to be working by default in the past.  There was no concept of 
> inherited authz before 2.3.  Also, Joshua pointed out a flaw in my thinking 
> which I am looking into now.
> 
> My bad I did not cite it correctly. I was not talking about the default, but 
> the fact that on and off is explained
> differently in different sections (at least to my understanding):
> 
> +Set to 'off' to disable merging. If set to 'off', only the authz rules 
> defined in
> +the current &lt;Directory&gt; or &lt;Location&gt; block will apply.</description>
> +<syntax>AuthMergeRules on | off</syntax>
> +<default>AuthMergeRules on</default>
> +<contextlist><context>directory</context><context>.htaccess</context>
> +</contextlist>
> +<override>AuthConfig</override>
> +
> +<usage>
> +    <p>By default all of the authorization rules within a &lt;Directory&gt;
> +    &lt;Location&gt; hierarchy are merged together to form a single
> +    logical authorization operation.  If AuthzMergeRules is set to 'on', 
> then
> +    only the authorization rules that are contained with the current
> +    &lt;Directory&gt; or &lt;Location&gt; block are considered. This
> 
> First 'off' is said to prevent merging (which makes sense), but later on 
> 'on' is
> said to do just that.
> 
> 
> Regards
> 
> RĂ¼dige

Right, I got it now.  Thanks

Brad


Mime
View raw message