Re: AW: auth mechanism and req. record

[prev] [thread] [next] [Date index for 2005/04/22]

> 	well, this is the case for HTTP.

:)

> 
> 
> 	Well I am using a non-HTTP protocol (implemented with the 
> 	multiprotocol capability of Apache2) where client and server
> 	negotiate on an auth mechanism (e.g. CRAM-MD5 or CRAM-SHA1).
> 
> 	These auth mechanisms are implemented in auth handlers which
> 	are invoked via "$r->run_check_user_id()".
> 
> 	The auth data (digest) sent by the client are available to the
> 	protocol handler in the first place and has to be passed to
> 	the auth handlers to be verified. Now I am looking for a 
> 	"canonical place" to put the digest data in.

I suppose $r->notes is as good a place as any, then.  but I guess I find it
a bit odd that there is a "request" in a true protocol handler.  but I don't
really fully understand the whole protocol handler yet, so I guess it's ok :)

--Geoff