03.08.2013 02:05, Ben Reser wrote:
> You don't seriously expect the auth system to know all of those intricacies?
Let me take a step back here. What I found about my particular situation
is -- using your own term -- absurd:
1. The current behavior is not documented.
2. The current behavior is not even known: neither you, nor anybody
else on this list of httpd developers (!) were able to recognize it,
when I first asked, nor explain, what's happening. Asking elsewhere
<http://stackoverflow.com/questions/17974096/apache-2-4-how-to-close-entire-site-except-one-subdirectory>
proved fruitless too.
3. The current behavior suffers from an obvious performance penalty --
wasting CPU-cycles rerunning authz rules multiple times on each hit.
You agree with that -- the only mitigation offered was: a) it used to be
even worse in 2.2; b) fixing it "would have to be done very carefully".
Need anything more be said or written for a consensus, that things do
need fixing? And, as per point 3. above, not only on the documentation
side... At the very least, I'd say, there should be a way to turn it off
per subconfig (Location, Directory, or vhost). I don't know, how to do
it. But it seems rather obvious, that it needs to be done.
03.08.2013 13:15, Stefan Fritsch wrote:
> Do you have mod_log_debug loaded? If yes, try if things change if you don't
> load it.
No, there is no mod_log_debug loaded here. And my own -- mod_authnz_tiv
-- does not use the define either:
ap_register_auth_provider(p, AUTHN_PROVIDER_GROUP, "tiv",
AUTHN_PROVIDER_VERSION, &provider,
AP_AUTH_INTERNAL_PER_CONF);
Thanks. Yours,
-mi
