Re: Auth fixes/updates

From: Adrian Chadd <adrian@dont-contact.us>
Date: Fri, 3 Aug 2001 14:12:27 +0800

On Fri, Aug 03, 2001, Robert Collins wrote:
>
> It's been a while coming... but Kinkie and I now have
> probably-production ready NTLM code. It's gone past 1.5 million requests
> without failing. The attached patch is a rollup of many minor fixes and
> some enhancements:

Right. Does anyone have any issues if I commit this patch to HEAD?

adrian

>
> * Digest: fix crash on shutdown
> * ACL: New type max_user_ip to replace authenticate_ip_is_strict.
> * ACL: Authenication refactored, to separate authentication and
> authorisation as well as allow 'lazy auth' where authentication is
> triggered by the presence of an authentication using ACL, not
> necessarily "proxy_auth". I.e. using max_user_ip will trigger
> authentication even if no proxy_auth acl's are defined.
> * Authentication: API for schemes extended to allow handling duplicate
> authentication on a authenticated _connection_ (yes NTLM again).
> * Authentication: Authentication API extended to allow multiple IP's per
> auth_user, and to allow authentication as an orthogonal process to
> authorisation.
> * NTLM: many minor races fixed. Should prevent the "Direction before
> ..." errors and the "Duplicate auth" + login popup bug.
> * Delay pools: Support authentication (Non-NTLM)in delay pools acl's.
> Beginnings of NTLM support for same.
> * Helpers: Stateful helper bugfixes to prevent negative deferred helper
> counts (which prevented ntlm challenge refreshing).
> * configure: detect two more headers for NTLM compilation on some
> platforms.
>

-- 
Adrian Chadd			Yeah, for me its (XML) like the movie Titanic.
<adrian@creative.net.au>	  Everybody loves it.
				    I want to be different, so I hate it.
					--Duane Wessels
Received on Fri Aug 03 2001 - 00:12:38 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:14:09 MST