Justin Erenkrantz said: > I still maintain the better way to do this is to handle it in the provider > modules themselves by leveraging the provider API instead. > > To reiterate, in my mind, the ideal syntax is: > > <Location /foo> > <LDAPProvider ldap1> > ...config options for mod_authnz_ldap... > </LDAPProvider> > <LDAPProvider ldap2> > ...config options for mod_authnz_ldap... > </LDAPProvider> > <DBDProvider my_db> > ...config options for hypothetical mod_authn_dbd... > </DBDProvider> > > ...config options for mod_authnz_ldap... > > AuthUserFile conf/foo > > AuthBasicProvider ldap1 ldap2 ldap file my_db > </Location> > > This isolates the config directly to the module, and if we so desire, we > could > add helper functions which promote re-use of this strategy by other > provider > modules as needed. -- justin
This means that: - Every auth module has to be independantly updated to use this method (which won't happen) - Every module will have it's own method of configuring multiple providers. Putting my end user hat on, doing it the way you suggest would irritate me no end, as it would make no logical sense to me why one auth provider allows multiple configurations and another doesn't, or why one auth provider uses one config mechanism and another auth provider uses a different one. I definitely think that getting the auth framework to understand this syntax is the right way to go, we just need to figure out that "magic syntax" that will work elegantly. Regards, Graham --
