On Tue, 17 Sep 2002, William A. Rowe, Jr. wrote: > I was thinking about this. What about -eliminating- the mod_authn_default > and mod_authz_default, merging them into mod_auth, and moving the > directives from mod_auth_basic and mod_auth_digest into the common > mod_auth. > > Mod_auth would further include all of the hooks, and be the common > module that all other mod_auth_foo, authn and authz modules require. > > Does that make any sense? I'm certain you will have users misconfigure > the 'backstop' modules (_default flavors) resulting in insecure servers. > If the 'backstop' _default auth handlers are always loaded as part of the > core mod_auth, users will have far fewer problems.
I almost like this, but I wouldn't put it mod_auth. I would put them in the core. The core server has always been the location for our default functions. Ryan _______________________________________________________________________________ Ryan Bloom [EMAIL PROTECTED] 550 Jean St Oakland CA 94610 -------------------------------------------------------------------------------
