Anonymous user when not authenticated/public area
In production, it may become interesting to have certain subdirectories accessible without authentication, i.e. public areas.
This is difficult with this module, because when a AssignUserID
or AssignUserIDExpr
directive is present, either a setuid is performed or request processing is aborted.
Setting up public areas would either require
-
a new directive in this module, which specifies a fallback user when AssignUserIDExpr is empty or erroneous (or when a certain expression evaluates to true/false).
-
solving this problem upstream, e.g. setting a variable used in
AssignUserIDExpr
with advanced logic. For a simple case of a default anonymous user in case the request is not authenticated, variable overwriting may suffice.
Note: There is no way to have conditionals inside of expressions (and functions - which can be defined by any module - only take one argument).