--On Sunday, October 13, 2002 3:59 AM -0700 Greg Stein <[EMAIL PROTECTED]> wrote:
> The API *is* stable. The auth changes did nothing to the API except > to expand it a bit for *new* auth systems. Existing auth modules are > unaffected. Exactly - we only reorganized our aaa modules. No hooks or APIs were modified. Third-party aaa modules require no changes - in fact, our own experimental auth_ldap hasn't been converted (mainly because it is so many files). > There were some directive changes, and certainly some different > modules to load, but nothing in the API department. Moreover, I > think we can deal with the directives and create some kind of > backwards-compat stuff. It is just that I'm not entirely sure what > got dropped and added yet. The modules are a bit tougher. We could > potentially fix it with hacks to the module loading stuff to key > off the old names and load the new stuff, but that just feels > fugly... My belief is that the only change is in the *Authoritative directives - we're now more granular as we can selectively control authoritativeness on authn and authz modules. There are also some gotchas on the LoadModule lines, but, like you, I'm not really sure what we can do about that. I think the best thing to do is to document the module renames. And, solutions like adding back mod_access or mod_auth can't work since we do not allow modules to share directives - therefore, there will be confusion internally about which modules should handle the authorization when both are loaded. That's badness. -- justin
