On Fri, 22 Aug 2008, William A. Rowe, Jr. wrote:
this is a form of authorization, it appears to fit in aaa. Perhaps even
with a name in that scheme, such as mod_authz_hostlimit or something like
that.
I'd say that's stretching a point. But since I don't think I can
suggest an existing category into which it fits: the nearest functions
to it are in core!
Something like modules/traffic/ would kind-of describe it, but as of
now it would seem lonely there. I wonder if there's a case for
modules/misc/ ?
modules/limiters/ or something? That would cover a lot of things like
concurrent requests-per-ip/mimetype, ratelimiting and so on but still isn't
auth/access control...
This *is* access control, you are denying access, based on something other
than user and password. mod_authn_hostname anyone? This fits neatly into
the same general category.
Yes, but it's not definitive access, more like the "amount" of
access... I think most end users see access control as "can I access
this content or not", and even though a rate limiter is denying access
in the sense that it's reducing bandwidth the user can still access
the data.
Sure, you can argue either way, but I think that end users
will be more confused by most modules being called
mod_authwhatever_whatever (in fact, they're already confused).
/Nikke
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Niklas Edmundsson, Admin @ {acc,hpc2n}.umu.se | [EMAIL PROTECTED]
---------------------------------------------------------------------------
* * * <- Tribbles
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
