It looks like MOTD is pretty much exactly the same, aside from the integration 
with our ad management system.

I chose to use it as an AccessHandler, because i was thinking about it as a 
test to decided whether or not a particular user was allowed to access the 
requested page or not.  It didn't rely on any authentication, at all, though i 
could certainly see situations in which it should.

Had I needed that, Authz definately would have made more sense, but in this 
specific application, it wasn't required.

I partially chose Access because large portions of the site already have Auth 
and Authz handlers and it would have been a bit more of a pain in the ass 
configuration wise to plop an Authz handler on the root of the site, than to 
use an AccessHandler (of which i had none).

I bet I don't know about some easy way to stack handlers on sub <Location>'s in 
httpd.conf though which makes that reason moot.

adam


-----Original Message-----
From: Randal L. Schwartz [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 30, 2004 1:03 PM
To: Geoffrey Young
Cc: Adam Prime x443; [EMAIL PROTECTED]
Subject: Re: mod_perl marketing


>>>>> "Geoffrey" == Geoffrey Young <[EMAIL PROTECTED]> writes:

Geoffrey> if I understand the problem correctly (which I may not) I
Geoffrey> think both those phases are probably wrong and a more
Geoffrey> generic phase is probably best, like the PerlInitHandler.

Actually, now that I think about it a bit more, the question is "can
this specific person access this resource?  If not [first visit, for
example], do something else"

So it's really an Authz question.  And it should be handled by an
internal redirect if the authz fails.  You want it *after* trans,
access, and auth, so that you can determine resource, host-based
permission, and identify the individual.

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<[EMAIL PROTECTED]> <URL:http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!

--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

Reply via email to