At 12:04 PM 9/17/2002, Ian Holsman wrote:
>On Tue, 17 Sep 2002 10:00:44 -0700, rbb wrote:
> > On Tue, 17 Sep 2002, William A. Rowe, Jr. wrote:
> >> Mod_auth would further include all of the hooks, and be the common
> >> module that all other mod_auth_foo, authn and authz modules require.
> >>
> >> Does that make any sense?  I'm certain you will have users misconfigure
> >> the 'backstop' modules (_default flavors) resulting in insecure servers.
> >> If the 'backstop' _default auth handlers are always loaded as part of
> >> the core mod_auth, users will have far fewer problems.
> >
> > I almost like this, but I wouldn't put it mod_auth.  I would put them in
> > the core.  The core server has always been the location for our default
> > functions.
>
>why don't you do what we do in mod_core & mod_proxy
>just create a 'mod_auth' with the common functions and have mod_auth_XYZ
>just hook into that

That was what I was getting at.  A completely plugable and removable
auth architecture, just like dav, proxy and cache.

Bill


Reply via email to