On Sunday 02 November 2003 17:55, you wrote:
> But I'm still a little confused. I thought all you had to do to add a
> new authentication method was to use the Ns_SetRequestAuthorizeProc to
> provide a pointer to a custom C function. The point where this would be
> executed is hard wired in (which is the whole point), but is the method
> also limited to only basic auth? I understand this isn't available via a
> tcl api, but what are the limitations if you do it in C?
>
Apart from the fixed point where (and how) this mechanism triggers,
(which is a another issue) it is also the definition of the proc.
Look for yourself:
typedef int (Ns_RequestAuthorizeProc) (char *server, char *method,
char *url, char *user, char *pass, char *peer);
The "user" and "pass" are suppplied by the AS implementation
and those are parsed by AS out of the http headers for the basic auth.
What one would need instead would be the connection structure (or any
other related struct where you can get the conn structure back)
so the module designer would have access to all connection-related
things (like socket, headers and such).
Otherwise, what would you do? The user/pass pair is here useless
and there is no way you can get them from somewhere else because
that "somewhere else" is not accessible to you.
I remember some 2 years ago we had the very same discussion on
this very same list.
Zoran
--
AOLserver - http://www.aolserver.com/
To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the
body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of
your email blank.
