Dirk-Willem van Gulik wrote:
AuthOrder user group dbm-group which specifies an order of authz checks,
and makes the last one 'authoritative' in terms of the old logic.
Of course that still leaves file-group looking lonely. Maybe what that
wants is a provider from authz_[file|dbm|dbd|ldap|etc] ?
Or go back to this naming concept floating at one point:
require group ldap:foo
which solves this class of problems (but kills the failover part; i.e.
getting a group check done in ldap if possible; but fall trough to
htpasswd if all is down).
Or not... why not
require group ldap:foo dbm:bar bash
where bash would be a match against any provider, while foo would be specific
to ldap, and bar would be specific to dbm?
