On Tuesday 20 July 2010, Nick Kew wrote: > On 20 Jul 2010, at 07:43, Ruediger Pluem wrote: > > Is this needed any longer? Shouldn't authz be expected to handle > > r->user == NULL after Stefans recent changes?
I have reverted the change that the auth_checker hook is also called with r->user == NULL. But all 2.3-style authz providers must be able to handle r->user == NULL. > Hadn't considered that. An extra check here can't hurt, can it? You have missed the similar SATISFY_ANY case. ALL and ANY should behave identical.
