Improvements to the auth implementation. Refactor logout page, handle auth redirects in XHR responses and allow auth to work off an OpenID AX attribute or OAuth resource attribute.

git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1204401 13f79535-47bb-0310-9956-ffa450edef68

2 files changed, 7 insertions, 4 deletions

diff --git a/sca-cpp/trunk/modules/http/http.hpp b/sca-cpp/trunk/modules/http/http.hpp
index 5cf174f4e1..530f3c0c5c 100644
--- a/sca-cpp/trunk/modules/http/http.hpp
+++ b/sca-cpp/trunk/modules/http/http.hpp
@@ -869,8 +869,11 @@ const failable<size_t> recv(char* c, const size_t l, const CURLSession& cs) {
 ostringstream& queryString(const list<list<value> > args, ostringstream& os) {
     if (isNil(args))
         return os;
-    debug(car(args), "http::queryString::arg");
-    os << car(car(args)) << "=" << c_str(cadr(car(args)));
+    const list<value> arg = car(args);
+    debug(arg, "http::queryString::arg");
+    if (isNil(arg) || isNil(cdr(arg)))
+        return queryString(cdr(args), os);
+    os << car(arg) << "=" << c_str(cadr(arg));
     if (!isNil(cdr(args)))
         os << "&";
     return queryString(cdr(args), os);
diff --git a/sca-cpp/trunk/modules/http/mod-security-conf b/sca-cpp/trunk/modules/http/mod-security-conf
index c9f0728f88..a1373906fd 100755
--- a/sca-cpp/trunk/modules/http/mod-security-conf
+++ b/sca-cpp/trunk/modules/http/mod-security-conf
@@ -81,8 +81,8 @@ IH %{MULTIPART_FILE_LIMIT_EXCEEDED}'"
 SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" "phase:2,t:none,log,deny,status:44,msg:'Multipart parser detected a possible unmatched boundary.'"
 
 # Avoid a potential RegEx DoS condition
-SecPcreMatchLimit 1000
-SecPcreMatchLimitRecursion 1000
+SecPcreMatchLimit 10000
+SecPcreMatchLimitRecursion 10000
 SecRule TX:/^MSC_/ "!@streq 0" "phase:2,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'"
 
 # Detect slow DoS attacks