You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Artem L <ar...@itm.nkz.ru> on 2004/07/18 22:19:50 UTC
question concerning with authentication process
hello :)
I want to have a way to perform authentication process for the certain
recources in the directory, and process requests for the another resources
in the same directory without any authentication.
I'm working at implementing acl extension for webdav - and the
authentiacation will based on access control list concerning with certain
recource. And this access control list will be modified during runtime. And
I want to use different *standard* apache authentication modules.
Actually, I've written the some draft version - and to perfome such
authentication I've added another hook (not_require_authentication) and made
some changes in the ap_some_auth_required function
AP_DECLARE(int) ap_some_auth_required(request_rec *r)
{
/* Is there a require line configured for the type of *this* req? */
const apr_array_header_t *reqs_arr = ap_requires(r);
require_line *reqs;
int i;
if (!reqs_arr) {
return 0;
}
reqs = (require_line *) reqs_arr->elts;
for (i = 0; i < reqs_arr->nelts; ++i) {
if (reqs[i].method_mask & (AP_METHOD_BIT << r->method_number)) {
if (ap_run_not_require_authentication(r) == OK)
return 0;
else
return 1;
}
}
return 0;
}
Does it have sence or there is another standrd way (without introducing
addtional hooks) to use standard authentication modules with access control
modifing at runtime?
I've read Apache Server Project Plan - and found several points concerning
with authentication - but I have not found the implementation of these
points in the 2.1 branch
may be I've missed something?
Your advice will be very much appreciated :)
thank you
Artem Lantsev
Re: question concerning with authentication process
Posted by Geoffrey Young <ge...@modperlcookbook.org>.
> Does it have sence or there is another standrd way (without introducing
> addtional hooks) to use standard authentication modules with access control
> modifing at runtime?
I would look into the Satisfy directive, specifically whether "Satisfy any"
could be used in conjunction with core access directives to get you where
you want. something like (untested, but you get the idea ;)
<Location /foo>
Satisfy any
require valid-user
<Limit POST>
allow from all
</Limit>
...
</Location>
HTH
--Geoff