From d8e9ae6f04ea545412cc1c8db5282c77787d4602 Mon Sep 17 00:00:00 2001 From: Chris Darroch Date: Mon, 21 Jun 2010 23:19:43 +0000 Subject: [PATCH] updated notes on ap_hook_check_* wrappers and AP_AUTH_INTERNAL_* flags git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@956731 13f79535-47bb-0310-9956-ffa450edef68 --- docs/manual/new_api_2_4.xml | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/docs/manual/new_api_2_4.xml b/docs/manual/new_api_2_4.xml index b6e7d4cde2..1b7be08f3a 100644 --- a/docs/manual/new_api_2_4.xml +++ b/docs/manual/new_api_2_4.xml @@ -132,9 +132,22 @@
  • New auth_internal API and auth_provider API
  • New EOR bucket type
  • New function ap_process_async_request
    • -
  • New functions ap_hook_check_access, ap_hook_check_authn, ap_hook_check_authz (why are these called ap_hook_* when they are functions not hooks?)
    • +
  • New flags AP_AUTH_INTERNAL_PER_CONF and AP_AUTH_INTERNAL_PER_URI
    • +
  • New functions ap_hook_check_access, ap_hook_check_authn, ap_hook_check_authz which accept AP_AUTH_INTERNAL_PER_* flags
    • +
  • DEPRECATED direct use of ap_hook_access_checker, ap_hook_check_user_id, ap_hook_auth_checker
  • The auth_checker hook may be called with r->user == NULL
    • +

    When possible, registering all access control hooks (including + authentication and authorization hooks) using AP_AUTH_INTERNAL_PER_CONF + is recommended. If all modules' access control hooks are registered + with this flag, then whenever the server handles an internal + sub-request that matches the same set of access control configuration + directives as the initial request (which is the common case), it can + avoid invoking the access control hooks another time.

    +

    If your module requires the old behavior and must perform access + control checks on every sub-request with a different URI from the + initial request, even if that URI matches the same set of access + control configuration directives, then use AP_AUTH_INTERNAL_PER_URI.

    -- 2.40.0