>>> On 12/4/2008 at 1:30 PM, in message <[EMAIL PROTECTED]>, Chris Darroch <[EMAIL PROTECTED]> wrote: > Hi -- > > Eric Covener wrote: > >> I had meant iif containers are used, I'd like their name to >> communicate the "require" or "reject" part while the authz providers >> would be "match"-like (because the Require on the inside is confusing >> when surrounted by all the variations) > > Yes, I thought that was a good point; my further thought was that > the container names can't imply require/reject either though, because > they can be nested and so their meaning can be inverted if they're > contained in a negated context. > > > Roy T. Fielding wrote: > >> But we are already using *Match all over the place to indicate the >> use of regex matching. :( > > These are good points; I hadn't thought of the "overlap" with > LocationMatch and friends. > > A lot of the other obvious access-control-related words and terms > are also already in use, especially for older authorization directives > (e.g., Allow, Deny, Order, Limit, Require, Satisfy, etc.) In order > to avoid confusion, we should probably stay away from all of these too. > > Perhaps something like Check or Test would suffice, maybe prefixed > with Authz? Hopefully someone else has a good idea, or at least > stronger opinions. :-) >
I think prefixing it with Authz probably makes more sense. Brad
