> This functionality would be useful for more than just LDAP: you might want
> to use two different flat file databases, or maybe you want to auth
> someone in LDAP and someone else in SQL.
>
> This is really an AAA-wide question rather than an LDAP specific question.
>
> Anyone know how difficult this would be to do in the current AAA structure?
I think we just need another status besides
typedef enum {
AUTH_DENIED,
AUTH_GRANTED,
AUTH_USER_FOUND,
AUTH_USER_NOT_FOUND,
AUTH_GENERAL_ERROR
} authn_status
something like AUTH_DECLINED, which would mean that the current provider is
passing on doing the checking. code that into the provider loop and you're
done.
I can find the time to do this probably this week if justin or the other
provider authors think it's a good idea.
--Geoff
