Andr� Malo wrote: moin,
> I'd guess there's question what do you want to change when. In digest > authentication the username is an integral part of the hashed data, so you > cannot change it during the authentication stage. > > Does that change anything in your proposal? not really. i know that digest is going to be a bit tricky, but it should be possible to make the changes without breaking digest authentication. i had a rough look over the digest sources and the proposed additional level of indirection, together with some minor modifications to mod_digest, should suffice. i have not made really detailed plans on what needs to be changed how. as i said, the main reason of the first mail was to find out if a) changes to the current interface for authentication modules would be considered at all. b) the proposed extra functionality would be considered useful in the apache code. just to prevent investing a lot of work and then being told "yeah, nice patch. unfortunately we will not accept any changes to the authentication interface". of course, i do not expect a definite "yes" or "no" at this point. a "changes are not completely out of the question and if we like your implementation we will consider adding it" would be enough... tty, axel
