At 12:04 PM 9/17/2002, Ian Holsman wrote: >On Tue, 17 Sep 2002 10:00:44 -0700, rbb wrote: > > On Tue, 17 Sep 2002, William A. Rowe, Jr. wrote: > >> Mod_auth would further include all of the hooks, and be the common > >> module that all other mod_auth_foo, authn and authz modules require. > >> > >> Does that make any sense? I'm certain you will have users misconfigure > >> the 'backstop' modules (_default flavors) resulting in insecure servers. > >> If the 'backstop' _default auth handlers are always loaded as part of > >> the core mod_auth, users will have far fewer problems. > > > > I almost like this, but I wouldn't put it mod_auth. I would put them in > > the core. The core server has always been the location for our default > > functions. > >why don't you do what we do in mod_core & mod_proxy >just create a 'mod_auth' with the common functions and have mod_auth_XYZ >just hook into that
That was what I was getting at. A completely plugable and removable auth architecture, just like dav, proxy and cache. Bill
