On Thu, 16 Jan 2003, Andr� Malo wrote: > the docs are partially obtained from the original 1.3 mod_auth > documentation. > However, any comments would be appreciated. > > <http://cvs.apache.org/~nd/manual/mod/mod_authz_owner.html>
Looks good. +1 A few comments: This module, by nature, is a little confusing because of the way it mixes web and unix credentials. I think you could be a little more explicit and consistent about this. I would make my first sentence something like "This module authorizes access to files by comparing the userid used for HTTP authentication (the web userid) with the file-system owner or group of the requested file." Then I would try to use the terms "web userid" and "file-system owner/group" consistently in the rest of the doc. In the summary under "file-owner", I'm not sure why you use the word "also" in the first sentence, and it should be "the operating system says" in the second sentence. I had to read the "file-group" section over several times to understand it. I think using the terms above consistently will help. In the <note> in the summary, rather than saying it will result in an "Authentication Required reply", why don't you just say it will deny access (or, at least, it will "not allow access"). You need to know something about HTTP auth to know that these two statements are equivalent. Under the AuthzOwnerAuthoritative directive, "allows to combine" should read "allows the combination of". Also, that sentence should probably say that "access will be allowed" if one or the other or both match. In the last paragraph, say "setting it to On", rather than "not setting it to off". Joshua. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
