httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ruediger Pluem <rpl...@apache.org>
Subject Re: svn commit: r427780 - in /httpd/httpd/trunk: docs/manual/mod/mod_authz_core.xml modules/aaa/mod_auth.h modules/aaa/mod_authz_core.c
Date Wed, 02 Aug 2006 19:38:12 GMT


On 08/02/2006 12:54 AM, bnicholes@apache.org wrote:
> Author: bnicholes
> Date: Tue Aug  1 15:54:38 2006
> New Revision: 427780
> 
> URL: http://svn.apache.org/viewvc?rev=427780&view=rev
> Log:
> Converted the reject directive to be definitive and enabled directory_merge to merge
all of the authorization rules and logic.
> 
> Modified:
>     httpd/httpd/trunk/docs/manual/mod/mod_authz_core.xml
>     httpd/httpd/trunk/modules/aaa/mod_auth.h
>     httpd/httpd/trunk/modules/aaa/mod_authz_core.c
> 
> Modified: httpd/httpd/trunk/docs/manual/mod/mod_authz_core.xml
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_authz_core.xml?rev=427780&r1=427779&r2=427780&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/docs/manual/mod/mod_authz_core.xml (original)
> +++ httpd/httpd/trunk/docs/manual/mod/mod_authz_core.xml Tue Aug  1 15:54:38 2006
> @@ -112,8 +112,8 @@
>  
>  <directivesynopsis>
>  <name>Reject</name>
> -<description>Rejects which authenticated users can access
> -a resource</description>
> +<description>Rejects authenticated users or host based 
> +requests from accessing a resource</description>
>  <syntax>Reject <var>entity-name</var> [<var>entity-name</var>]
...</syntax>
>  <contextlist><context>directory</context><context>.htaccess</context>
>  </contextlist>
> @@ -122,10 +122,12 @@
>  <usage>
>      <p>This directive is similar to the 
>      <directive module="mod_authz_core">Require</directive> directive however
> -    it rejects which authenticated users can access a resource.  The 
> +    it rejects which authenticated users or host based requests from accessing a resource.
 The 
>      restrictions are processed by authorization modules.  See the 
>      <directive module="mod_authz_core">Require</directive> directive for
details 
> -    about usage.</p>
> +    about usage.  If found as part of the authorization rules, the reject directive
> +    is definitive.  In other words, if the reject statements is satisfied, the entire
request
> +    is automatically rejected no matter what other require rules may exist.</p>
>  </usage>
>  
>  <seealso><a href="../howto/auth.html">Authentication, Authorization,
> @@ -220,6 +222,31 @@
>  
>  <seealso><a href="../howto/auth.html">Authentication, Authorization,
>      and Access Control</a></seealso> 
> +
> +</directivesynopsis>
> +
> +<directivesynopsis type="section">
> +<name>AuthzMergeRules</name>
> +<description>Set to 'on' to allow the parent's &lt;Directory&gt; or &lt;Location&gt;

> +authz rules to be merged into the current &lt;Directory&gt; or &lt;Location&gt;.
 
> +Set to 'off' to disable merging. If set to 'off', only the authz rules defined in 
> +the current &lt;Directory&gt; or &lt;Location&gt; block will apply.</description>
> +<syntax>AuthMergeRules on | off</syntax>
> +<default>AuthMergeRules on</default>
> +<contextlist><context>directory</context><context>.htaccess</context>
> +</contextlist>
> +<override>AuthConfig</override>
> +
> +<usage>
> +    <p>By default all of the authorization rules within a &lt;Directory&gt;
> +    &lt;Location&gt; hierarchy are merged together to form a single 
> +    logical authorization operation.  If AuthzMergeRules is set to 'on', then

Shouldn't that be 'off' above?

Regards

RĂ¼diger

Mime
View raw message