author | jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> | 2013-08-26 03:04:28 +0000 |
---|---|---|
committer | jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> | 2013-08-26 03:04:28 +0000 |
commit | 18b3a48e842d1e13b5a8505f8fd18069836d8fa5 (patch) | |
tree | 2a95d38899ddddb20356903e163704d6753cf2fb /sca-cpp/trunk/modules/http/mod-openauth.cpp | |
parent | 7905926c413e843d9497948cb824059f2c017f6a (diff) |
Fix handling of login session expiration and incorrect caching of login redirect responses.
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1517413 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'sca-cpp/trunk/modules/http/mod-openauth.cpp')
-rw-r--r-- | sca-cpp/trunk/modules/http/mod-openauth.cpp | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/sca-cpp/trunk/modules/http/mod-openauth.cpp b/sca-cpp/trunk/modules/http/mod-openauth.cpp
index 3adc488301..1a45473caf 100644
--- a/sca-cpp/trunk/modules/http/mod-openauth.cpp
+++ b/sca-cpp/trunk/modules/http/mod-openauth.cpp
@@ -28,6 +28,7 @@
 * - OAuth2 using Tuscany's mod-tuscany-oauth2
 * - OpenID using mod_auth_openid
 * - Form-based using HTTPD's mod_auth_form
+ * - HTTP basic auth using mod_auth_basic
 * - SSL certificate using SSLFakeBasicAuth and mod_auth_basic
 */

@@ -142,7 +143,7 @@ const failable<int> checkAuthnzProviders(const string& user, const string& pw, r
 }

 const failable<int> checkAuthnz(const string& user, const string& pw, request_rec* const r, const DirConf& dc) {
- if(substr(user, 0, 1) == "/" && pw == "password")
+ if(substr(user, 0, 1) == "/")
 return mkfailure<int>(string("Encountered FakeBasicAuth spoof: ") + user, HTTP_UNAUTHORIZED);

 if(isNull((const list<AuthnProviderConf>)dc.apcs)) {
@@ -224,9 +225,17 @@ const failable<int> authenticated(const list<value>& info, request_rec* const r)
 const list<value> id = assoc<value>("id", info);
 if(isNull(id) || isNull(cdr(id)))
 return mkfailure<int>("Couldn't retrieve user id", HTTP_UNAUTHORIZED);
- r->user = apr_pstrdup(r->pool, c_str(cadr(id)));
+ const string sid = cadr(id);
+ if (find(sid, '@') != length(sid))
+ apr_table_set(r->subprocess_env, apr_pstrdup(r->pool, "EMAIL"), apr_pstrdup(r->pool, c_str(sid)));
+ r->user = apr_pstrdup(r->pool, c_str(sid));

- apr_table_set(r->subprocess_env, apr_pstrdup(r->pool, "NICKNAME"), apr_pstrdup(r->pool, c_str(cadr(id))));
+ // Update the request user field with the authorized user id returned by the authnz hooks
+ const char* auser = apr_table_get(r->subprocess_env, "AUTHZ_USER");
+ if (auser != NULL)
+ r->user = apr_pstrdup(r->pool, auser);
+
+ apr_table_set(r->subprocess_env, apr_pstrdup(r->pool, "NICKNAME"), apr_pstrdup(r->pool, r->user));
 return OK;
 }

|
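Review bot: The spoof check at the top of checkAuthnz has no comment saying why a user name starting with `/` is refused, and after this change that test is the whole rule; I would add `// SSLFakeBasicAuth presents the client certificate subject DN (which starts with '/') as the Basic user name, so refuse any credential login that claims such a name` above the `if`. Dropping `pw == "password"` also covers a DN-style name sent with any other password, but the callers of checkAuthnz are outside the hunk, so if certificate logins themselves are routed through it they would now be rejected as well, which is worth confirming. The rejected name is copied verbatim into the failure message, and if mkfailure writes that message to a log without escaping, the logged text is client-controlled. checkAuthnz's body continues past the end of the hunk.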
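Review bot: In authenticated(), `AUTHZ_USER` replaces the authenticated id whenever it is non-NULL, so an empty value leaves `r->user` as an empty string and `NICKNAME` follows it; I would guard with `if (auser != NULL && *auser != '\0')`. The override also trusts whatever wrote `AUTHZ_USER` into `r->subprocess_env`: the comment names the authnz hooks, but that table can be filled by other modules and by configuration directives too, so it is worth confirming that nothing request-derived can reach the key, or carrying the value in `r->notes` under a module-private key instead. After the override, `EMAIL` still holds the session id while `r->user` and `NICKNAME` hold the authorized id, which may or may not be intended and deserves a one-line comment either way. The start of the function is outside the hunk.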