Towards 2.3...
Aidan Cully
aidan at panix.com
Thu Mar 30 02:11:49 UTC 2000
On Wed, Mar 29, 2000 at 08:13:51PM, Brandon Hume said:
> > chance. Can you give some more specifics on what parts need to be
> > improved?
>
> >From my little playing with it, I'd say what confused me most was
> understanding the associations between access and auth realms, and the means
> by which they were bound to one another.
>
> ie: There seem to be multiple means of association... "default"/"users" and
> the "key" keywords. I've gotten the impression that "key" is essential, yet
> my current, working readers.conf doesn't contain a single instance of it.
> Which has precedence? What happens when they conflict?
"key" is NOT essential... If you never use the "key"word, you probably
won't notice its absence. If you *do* use it, any user that succesfully
authenticates by an "auth" realm using a particular key can *not* have
his access configured by an "access" realm with a different key. At the
same time, any user succesfully authenticated by an "auth" realm without
a key will not have his access set by an "access" realm with a key. If
you want to think of it in terms of precedence, "key" has precedence over
all other bindings.
auth:/resolve: keywords run an external program in response to a password,
or initial connection, respectively. This external program WILL return a
username, or some other access identity to INN, on succesful
authentication. This access identity is checked against the "users"
string in an "access" realm. default: provides an access identity to use
when all other attempts to resolve/authenticate the remote username fail.
Hope this is clear...
--aidan
--
Aidan Cully "I'd rather have a bottle in front of me than a frontal
Not Panix Staff lobotomy."
aidan at panix.com --Dorothy Parker
More information about the inn-workers
mailing list