On Thu, Mar 19, 2009 at 4:36 PM, Jeff Trawick <[email protected]> wrote:
assert(Whatever is done in mod_ssl, the <2.3 logic in mod_authany needs to
> ensure that its check user id hook runs after mod_ssl's.)
>
>
I'm going with this code in mod_authany for Apache 2.0/2.2 as soon as it
checks out okay on more trees:
+static void extra_hooks(apr_pool_t *p)
+{
+ static const char * const modssl_runs_before[] = {"mod_ssl.c", NULL};
+
+ ap_hook_check_user_id(authany_handler, modssl_runs_before, NULL,
+ APR_HOOK_FIRST);
+ ap_hook_auth_checker(require_any_user, NULL, NULL, APR_HOOK_FIRST);
+}
Reversing the order of (modssl_runs_before, NULL) does show failure of
ssl/fakeauth and ssl/basicauth; the order in the code above works.
--
Born in Roswell... married an alien...
