Niklas Edmundsson
Sat, 23 Aug 2008 03:59:26 -0700
On Fri, 22 Aug 2008, William A. Rowe, Jr. wrote:
this is a form of authorization, it appears to fit in aaa. Perhaps evenwith a name in that scheme, such as mod_authz_hostlimit or something like that.I'd say that's stretching a point. But since I don't think I can suggest an existing category into which it fits: the nearest functions to it are in core! Something like modules/traffic/ would kind-of describe it, but as of now it would seem lonely there. I wonder if there's a case for modules/misc/ ?modules/limiters/ or something? That would cover a lot of things like concurrent requests-per-ip/mimetype, ratelimiting and so on but still isn't auth/access control...This *is* access control, you are denying access, based on something other than user and password. mod_authn_hostname anyone? This fits neatly into the same general category.
Yes, but it's not definitive access, more like the "amount" of access... I think most end users see access control as "can I access this content or not", and even though a rate limiter is denying access in the sense that it's reducing bandwidth the user can still access the data.
Sure, you can argue either way, but I think that end users will be more confused by most modules being called mod_authwhatever_whatever (in fact, they're already confused).
/Nikke
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Niklas Edmundsson, Admin @ {acc,hpc2n}.umu.se | [EMAIL PROTECTED]
---------------------------------------------------------------------------
* * * <- Tribbles
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=