Hi,
[posted this to de.ciws and later ciwsu several days ago, but got no
response up to now]
Sorry, if I'm off-topic here:
'AuthAuthoritative off' and related give the possibility to put some
auth modules into a chain. But it seems that this directive is not very
useful in conjunction with the 2.0 API.
I stepped through the code, especially the following files:
modules/mod_auth.c,
modules/mod_auth_dbm.c,
modules/mod_auth_anon.c und
srclib/apr-util/hooks/apr_hooks.c
Per default all modules register the check_user_id hook at
APR_HOOK_MIDDLE relative position, i.e. the auth-module-ordering is more
or less done randomly (because they're sorted in apr_hooks.c/prepare()
by a qsort call).
So I can only /test/, but not influence at runtime, how the modules are
ordered at startup.
However, the test result may be moved to /dev/null if someone
changes the LoadModule-directives (by adding or removing some modules,
that register the check_user_id hook, too).
Now my question ;-):
Did I understand the code right? Or do I miss anything important?
TIA, nd
--
$_=q?tvc!uif)%*|#Bopuifs!A`#~tvc!Xibu)%*|qsjou#Kvtu!A`#~tvc!KBQI!)*|~
tvc!ifmm)%*|#Qfsm!A`#~tvc!jt)%*|(Ibdlfs(~ # What the hell is JAPH? ;
@_=split/\s\s+#/;$_=(join''=>map{chr(ord( # André Malo ;
$_)-1)}split//=>$_[0]).$_[1];s s.*s$_see; # http://www.perlig.de/ ;
