Henrik Nordstrom a écrit : > > aclNBCheck is a complete access list check, i.e. checking the whole > http_access ruleset, not just a single acl element list. > > If your rule set is not a simple allow/deny type ruleset but you need > to know which rule (not acl) was matched then this needs to be > redesigned somewhat. > > What is it you need to match and have as result? > This is to add external acl support in icap_access. As the ICAP acls depend on a class, the icapAclChecklistCreate function creates as aclCheck_t with only one acl in order to find the class associated with the acl ( i think ). Then aclNBCheck is called with this aclCheck_t ( which contains only one acl ), then i need to know in the callback if the request matches with the current acl (and setting http->request->class value) or if the other acl must be checked.
Another solution would be to change aclCheck_t structure ( in order to add the icap class for each acl) and rewriting the icapAclChecklistCreate function. Which solution is the best? Thanks. Ghislain Garçon.
