Actually I think the better syntax would be:
<AuthProviderAlias ldap Myldap1> ...config options for mod_authnz_ldap... </AuthProviderAlias>
<AuthProviderAlias ldap Myldap2> ...config options for mod_authnz_ldap... </AuthProviderAlias>
<AuthProviderAlias file Myfile1> ...config options for mod_auth... </AuthProviderAlias>
<Location /foo1> AuthProvider Myldap1 Myfile1 ...Other config options... </Location> <Location /foo2> AuthProvider Myldap2 Myfile1 ...Other config options... </Location> <Location /foo3> AuthProvider Myldap1 Myldap2 ...Other config options... </Location>
This would allow you to mix-match-reuse-redefine auth configurations anywhere you like. I haven't thought this through completely from an implementation standpoint, but by moving the provider definitions into mod_auth_basic and then extending the framework for handling multiple provider definitions into the providers themselves, I think we can come out with something very useful and reuseable.
Actually, I think we could move this into a (new) mod_authn_alias/config or something and make it generic - tieing it into mod_auth_basic would mean it couldn't be used by mod_auth_digest. The key here from the implementation perspective is that we would know what the 'real' provider name is as well - so we wouldn't have to tie it to the module. mod_authn_alias would register a 'fake' provider that merges the auth's per_dir_config before executing the 'real' provider.
So, yah, I like this. -- justin