Geoffrey Young said:
> I think we just need another status besides
>
> typedef enum {
> AUTH_DENIED,
> AUTH_GRANTED,
> AUTH_USER_FOUND,
> AUTH_USER_NOT_FOUND,
> AUTH_GENERAL_ERROR
> } authn_status
>
> something like AUTH_DECLINED, which would mean that the current provider
> is
> passing on doing the checking. code that into the provider loop and
> you're
> done.
This solves the problem for multiple providers, but the problem isn't
solved for where the same provider is used twice, for example:
- If user is present in file A or file B
- If user is present in directory A or directory B
There are two options to this:
- Teach each provider how to handle multiple instances of itself (sounds
like too much duplication)
- Introduce a concept like this:
<Auth ldap-provider-A>
# LDAP stuff for LDAP server A
</Auth>
<Auth ldap-provider-B>
# LDAP stuff for LDAP server B
</Auth>
AuthBasicProvider ldap-provider-A ldap-provider-B
Regards,
Graham
--
