looks to me like it is using an OR approach.
first successful match returns OK.
Ken Williams wrote:
> Hi,
>
> I'm looking at the AuthCookie code, getting ready to release a new version to
> CPAN. It looks to me like currently only the first 'require' directive will be
> processed and obeyed. Here's the code from the old authz():
>
> ************************************************************
> foreach $reqs (@$reqs_arr) {
> ($requirement, $args) = split /\s+/, $reqs->{requirement}, 2;
> $args = "" unless defined $args;
> $r->log_error("requirement := $requirement, $args") if ($debug >= 2);
>
> if ($requirement eq "valid-user") {
> return OK;
> } elsif ($requirement eq "user") {
> return OK if ($args =~ m/\b$user\b/);
> } else {
> my $ret_val = $auth_type->$requirement($r, $args);
> $r->log_error("$auth_type->$requirement returned $ret_val")
> if $debug >= 3;
> return OK if $ret_val == OK;
> }
> $restricted++;
> }
>
> return OK unless $restricted;
> return FORBIDDEN;
> ************************************************************
>
> Is anyone actually using this with multiple "require' directives? Or would
> anyone like to?
>
> ------------------- -------------------
> Ken Williams Last Bastion of Euclidity
> [EMAIL PROTECTED] The Math Forum
