Tarun Upadhyay wrote:
> Our basic design allows the use of another module (say mod_auth or
> something else) to authenticate users but through an "access file", we
> authorize users to connect to particular web-service or its methods.
>
> We want the user to be able to authorize users at either top, service or
> method level. I want to ask how should such a file (and corresponding access
> policies) be structured.
The current auth structure within apache can authenticate a user based
on a username/password combination, then it can authorise a user using a
"require <blah>" directive. If possible, whatever you need to do should
fall into this kind of operation so that existing modules can be used to
do authentication.
I'm not sure what authentication and authorisation requirements you
need...?
Regards,
Graham
--
-----------------------------------------
[EMAIL PROTECTED] "There's a moon
over Bourbon Street
tonight..."
S/MIME Cryptographic Signature
