Hi -- Eric Covener wrote:
I had meant iif containers are used, I'd like their name to communicate the "require" or "reject" part while the authz providers would be "match"-like (because the Require on the inside is confusing when surrounted by all the variations)
Yes, I thought that was a good point; my further thought was that the container names can't imply require/reject either though, because they can be nested and so their meaning can be inverted if they're contained in a negated context. Roy T. Fielding wrote:
But we are already using *Match all over the place to indicate the use of regex matching. :(
These are good points; I hadn't thought of the "overlap" with LocationMatch and friends. A lot of the other obvious access-control-related words and terms are also already in use, especially for older authorization directives (e.g., Allow, Deny, Order, Limit, Require, Satisfy, etc.) In order to avoid confusion, we should probably stay away from all of these too. Perhaps something like Check or Test would suffice, maybe prefixed with Authz? Hopefully someone else has a good idea, or at least stronger opinions. :-) Chris. -- GPG Key ID: 366A375B GPG Key Fingerprint: 485E 5041 17E1 E2BB C263 E4DE C8E3 FA36 366A 375B