You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ch...@apache.org on 2010/06/22 01:19:43 UTC

svn commit: r956731 - /httpd/httpd/trunk/docs/manual/new_api_2_4.xml

Author: chrisd
Date: Mon Jun 21 23:19:43 2010
New Revision: 956731

URL: http://svn.apache.org/viewvc?rev=956731&view=rev
Log:
updated notes on ap_hook_check_* wrappers and AP_AUTH_INTERNAL_* flags

Modified:
    httpd/httpd/trunk/docs/manual/new_api_2_4.xml

Modified: httpd/httpd/trunk/docs/manual/new_api_2_4.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/new_api_2_4.xml?rev=956731&r1=956730&r2=956731&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/new_api_2_4.xml (original)
+++ httpd/httpd/trunk/docs/manual/new_api_2_4.xml Mon Jun 21 23:19:43 2010
@@ -132,9 +132,22 @@
       <li>New auth_internal API and auth_provider API</li>
       <li>New EOR bucket type</li>
       <li>New function ap_process_async_request</li>
-      <li>New functions ap_hook_check_access, ap_hook_check_authn, ap_hook_check_authz (why are these called ap_hook_* when they are functions not hooks?)</li>
+      <li>New flags AP_AUTH_INTERNAL_PER_CONF and AP_AUTH_INTERNAL_PER_URI</li>
+      <li>New functions ap_hook_check_access, ap_hook_check_authn, ap_hook_check_authz which accept AP_AUTH_INTERNAL_PER_* flags</li>
+      <li>DEPRECATED direct use of ap_hook_access_checker, ap_hook_check_user_id, ap_hook_auth_checker</li>
       <li>The auth_checker hook may be called with r-&gt;user == NULL</li>
     </ul>
+    <p>When possible, registering all access control hooks (including
+       authentication and authorization hooks) using AP_AUTH_INTERNAL_PER_CONF
+       is recommended.  If all modules' access control hooks are registered
+       with this flag, then whenever the server handles an internal
+       sub-request that matches the same set of access control configuration
+       directives as the initial request (which is the common case), it can
+       avoid invoking the access control hooks another time.</p>
+    <p>If your module requires the old behavior and must perform access
+       control checks on every sub-request with a different URI from the
+       initial request, even if that URI matches the same set of access
+       control configuration directives, then use AP_AUTH_INTERNAL_PER_URI.</p>
   </section>
 
   <section id="mod_auth">