--On November 8, 2005 7:21:54 PM -0500 Geoffrey Young
<[EMAIL PROTECTED]> wrote:
you really think so? I think it's mistakenly given an authz namespace,
giving users the impression it steps in after authentication, or does
something else specifically based on r->user. at least any users who have
bothered to wrap their heads around the entire aaa idiom and phase
separations.
It runs with the access_checker/auth_checker hook. Which is an authorization
hook. (So, yes, this implies that I think the access_checker/auth_checker
split is off-kilter - they should really be the same, I think.)
But, I'll admit that mod_access_host isn't entirely bad. However, it'd be
really nice to re-do the second half of our auth system, but I worry that
Sander's completely forgotten about his promises to do that. =) -- justin
