<snipped greatly for brevity> > -> Or alternatively mod_auth is split into a mod_auth and a > a mod_require. The first does the File based username > checking; the latter does the "require valid-user", "require > user foo" checks. 'require group' can stay in mod_auth or > go into a mod_auth_group.
Didn't we decide to take this approach like a year ago? > With that out of the way; In the long term may want to do the same for > groups checking which now fundamentally must happen in each module as > group findings are not shared. > > I.e. just like we have a r->user have a r->groups field (a table rather > than a char*) which lists the groups the user is part off. (Though I > recognize that there will always be group auth modules which need to to > the reverse; i.e. check if a user is in a list of groups - or, for these > cases, an additional check_group_access handler mirroring the user_access > stage). > > Any thoughds ? Note that part of the above problem is perception causing > the duplication of mod_auth because of the file association. > > Dw > -- > Dirk-Willem van Gulik > > Ad *: We'd need to touch up the error messages of mod_auth a little. > Ad **: Which of course would need another hook... and run method in > apache 3.0. There is no reason to wait for Apache 3.0 to add a new hook. The whole reason for the hook abstraction was to make adding hooks painless for module authors. Ryan
