Re: httpd-2.0 and Auth*Authoritative
On Sun, 21 Jul 2002 [EMAIL PROTECTED] wrote: I have often spoke of having a per directory/location ordering of auth handleres. This would allow you to load a bunch of auth handler modules, then in a given directory elect which ones are run, and what order they run in (and the last one would be assumed authoritatve perhaps). Actually - this of course depend as to wether you compile static or dynamic, then there is the LoadModule/ClearModuleList/AddModule trickery and not to forget the fine-tuning that one can do when registering the hooks. If anything I'd say that this has too many tunable nobs ! That is assuming all the auth modules you wish to use are hooked the same (e.g. middle) at the time they were compiled. And it doesn't allow for having different orderings/groupings for different parts of the server. But true - My proposal above would be to elminate any dependency on module load order and remove all the Authoritative stuff. sterling
Re: httpd-2.0 and Auth*Authoritative
having different orderings/groupings for different parts of the server. But true - My proposal above would be to elminate any dependency on module load order and remove all the Authoritative stuff. Aye - something like AuthOrder mod_auth_db, mod_auth_cookie, mod_auth AccessOrder mod_access, mod_auth FxiUpOrder ...,... And similar for the other hooks. Dw
Re: httpd-2.0 and Auth*Authoritative
On Mon, 22 Jul 2002, [ISO-8859-1] André Malo wrote: Hi, 'AuthAuthoritative off' and related give the possibility to put some auth modules into a chain. But it seems that this directive is not very useful in conjunction with the 2.0 API. AuthAuthoritative is really just a way to tell mod_auth to return DECLINED instead of UNAUTHORIZED (or visa versa) to allow other modules who HAPPEN to be loaded after mod_auth to be called as well in the case mod_auth either cannot, or does not, authorize the user. This is, as you imply, really not very useful since modules are ordered at compile time - so you cannot determine the order of the modules at run time. There has been a lot of bantering about 'better' ways of doing this - and suggestions are welcome. I have often spoke of having a per directory/location ordering of auth handleres. This would allow you to load a bunch of auth handler modules, then in a given directory elect which ones are run, and what order they run in (and the last one would be assumed authoritatve perhaps). sterling
Re: httpd-2.0 and Auth*Authoritative
I have often spoke of having a per directory/location ordering of auth handleres. This would allow you to load a bunch of auth handler modules, then in a given directory elect which ones are run, and what order they run in (and the last one would be assumed authoritatve perhaps). Actually - this of course depend as to wether you compile static or dynamic, then there is the LoadModule/ClearModuleList/AddModule trickery and not to forget the fine-tuning that one can do when registering the hooks. If anything I'd say that this has too many tunable nobs ! Dw.
Re: httpd-2.0 and Auth*Authoritative
I have often spoke of having a per directory/location ordering of auth handleres. This would allow you to load a bunch of auth handler modules, then in a given directory elect which ones are run, and what order they run in (and the last one would be assumed authoritatve perhaps). That would be -very- usefull. And not just for auth - also for modules rewriting. So perhaps a per hook order control. Of course there are some chicken egg issues with this ! Dw.