>>> On 10/10/2006 at 8:58 AM, in message <[EMAIL PROTECTED]>, "Eric Covener" <[EMAIL PROTECTED]> wrote: > On 10/10/06, Javier Sagrera <[EMAIL PROTECTED]> wrote: >> So, i can write my modules, based on modules that i know will have a >> "conflict" with mine using the "if ..." >> but that is a little limited, i just find strange that you dont have control >> of the order in which the functions are call, > > Your example is a little contrived because an auth module already > checked and accepted the userid. > >> And even more strange, that the inclusion of a function registered with >> FIRST, will change the order too. > > You're sorting a list and have specified that you don't care about the > position of two things relative to eachother. Seems reasonable that > their position would change as the overall contents of the list > changes based on implementation of the sort. > > Don't get me wrong, being able to influence the hook ordering with > configuration directives sounds cool (e.g. DirectiveXYZ hook_name > mod_homegrown.c after mod_thirdparty.c) but it doesn't look like > there's a practical problem.
The order in which the check_user_id hooks are called, isn't as big of an issue as you might think. In most cases, even if another module is called before yours, the first thing that it will do is check to make sure that it is configured for that <Directory> or <Location> and DECLINE to handle the request if not. Keep in mind that this is an Apache 2.0 and before issue. Apache 2.2 has solved this problem with providers. Using the AuthBasicProvider or AuthdigestProvider directives, you can specify which authentication providers will be called for a specific <directory> or <location> and in what order. Apache 2.3 goes even further to allow the same type of thing for authorization. Brad
