Change authentication scheme from Form based auth to OpenID + OAuth.

git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1201614 13f79535-47bb-0310-9956-ffa450edef68
author: jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> 2011-11-14 07:10:15 +0000
committer: jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> 2011-11-14 07:10:15 +0000
commit: 4bf0a7052b448315eda710857acafe24bb112a5b (patch)
tree: 89b47bf8471da886a2c523721d76c6ebd5860c28 /sca-cpp
parent: 1b4cab13b70f2d596ecb98e81073dbb45e0e85df (diff)
39 files changed, 267 insertions, 133 deletions
diff --git a/sca-cpp/trunk/.gitignore b/sca-cpp/trunk/.gitignore
index 0a161b3717..1dd44f8fd9 100644
--- a/sca-cpp/trunk/.gitignore
+++ b/sca-cpp/trunk/.gitignore
@@ -56,7 +56,7 @@ m4/
 config.guess
 config.sub
 config.status
-*config.js
+config.js
 all.js
 *-min.html
 *-min.js
@@ -93,7 +93,7 @@ doxygen
 *.jar
 *.prefix
 *.crt
-*.patch
+/*.patch
 index.yaml
 core
 gen-cpp/
@@ -135,7 +135,7 @@ scribe-cat
 js-test
 js-eval
 file-test
-test-start
+test-start*
 xml-value
 value-xml
 json-value
diff --git a/sca-cpp/trunk/README b/sca-cpp/trunk/README
index d532fe68d4..92dfde8154 100644
--- a/sca-cpp/trunk/README
+++ b/sca-cpp/trunk/README
@@ -15,9 +15,9 @@ can be used to help assemble distributed SCA composite applications:
 Cache: key/value memory cache, using Memcached;
 Chat: XMPP chat, using Apache Vysper and Libstrophe;
 Constdb: fast persistent store for mostly constant data, using TinyCDB;
-Filedb: key/value 'NoSQL' persistent store, using plain files;
+Filedb: key/value persistent store, using plain files;
 Http: HTTP client, using Libcurl;
-Kvdb: fast key/value 'NoSQL' persistent store, using LevelDB;
+Kvdb: fast key/value persistent store, using LevelDB;
 Log: distributed logger, using Facebook Scribe;
 Queue: AMQP queuing, using Apache Qpid/C;
 Sqldb: SQL database, using PostgreSQL;
@@ -77,9 +77,9 @@ Here's a rough guide to the Tuscany SCA source tree:
  |   |   |-- cache            Memcached key/value cache
  |   |   |-- chat             XMPP chat
  |   |   |-- constdb          TinyCDB constant persistent store
- |   |   |-- filedb           Plain file NoSQL persistent store
+ |   |   |-- filedb           Plain file persistent store
  |   |   |-- http             HTTP client
- |   |   |-- kvdb             LevelDB NoSQL persistent store
+ |   |   |-- kvdb             LevelDB key/value persistent store
  |   |   |-- log              Scribe logger
  |   |   |-- queue            AMQP message queue
  |   |   |-- sqldb            PostgreSQL database
@@ -98,6 +98,7 @@ Here's a rough guide to the Tuscany SCA source tree:
  |   |
  |   |-- macos                Automated install on Mac OS X 10.1.7
  |   |-- ubuntu               Automated install on Ubuntu 10.10
+ |   |-- patches              Temporary patches to some of the dependencies
  |
  |-- branches                 Topic and release branches
  |
diff --git a/sca-cpp/trunk/macos/macos-install b/sca-cpp/trunk/macos/macos-install
index 2cc8a57dfa..b9474482a4 100755
--- a/sca-cpp/trunk/macos/macos-install
+++ b/sca-cpp/trunk/macos/macos-install
@@ -105,7 +105,8 @@ curl -OL http://memcached.googlecode.com/files/memcached-1.4.7.tar.gz
 tar xzf memcached-1.4.7.tar.gz
 cd memcached-1.4.7
 # http://code.google.com/p/memcached/issues/detail?id=218
-patch -p0<$build/../memcached-1.4.7.patch
+curl -OL http://svn.apache.org/repos/asf/tuscany/sca-cpp/trunk/patches/memcached-1.4.7.patch
+patch -p0 <memcached-1.4.7.patch
 autoreconf --install
 ./configure --with-libevent=$build/libevent-2.0.13-stable-bin --prefix=$build/memcached-1.4.7-bin
 make
@@ -265,10 +266,13 @@ if [ "$?" != "0" ]; then
     exit $?
 fi
 cd $build
-curl -L http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.1.tar.gz/download -o modsecurity-crs_2.2.1.tar.gz 
-tar xzf modsecurity-crs_2.2.1.tar.gz
-cp -R $build/modsecurity-crs_2.2.1/base_rules $build/modsecurity-apache-2.6.1-bin
-cp -R $build/modsecurity-crs_2.2.1/optional_rules $build/modsecurity-apache-2.6.1-bin
+curl -L http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.2.tar.gz/download -o modsecurity-crs_2.2.2.tar.gz 
+tar xzf modsecurity-crs_2.2.2.tar.gz
+cd modsecurity-crs_2.2.2
+curl -OL http://svn.apache.org/repos/asf/tuscany/sca-cpp/trunk/patches/modsecurity-crs_2.2.2.patch
+patch -p0 <modsecurity-crs_2.2.2.patch
+cp -R base_rules $build/modsecurity-apache-2.6.1-bin
+cp -R optional_rules $build/modsecurity-apache-2.6.1-bin
 if [ "$?" != "0" ]; then
     exit $?
 fi
@@ -305,7 +309,7 @@ fi
 cd $build
 
 # Create src archive
-tar czf tuscany-sca-cpp-1.0-src.tar.gz apache-libcloud-incubating-0.4.2 apache-libcloud-incubating-0.4.2.tar.bz2 apr-1.4.x apr-1.4.x-bin autoconf-2.13 autoconf-2.13-bin autoconf-2.13.tar.gz curl-7.19.5 curl-7.19.5-bin curl-7.19.5.tar.gz expat-2.0.1 expat-2.0.1-bin expat-2.0.1.tar.gz htmltidy-bin httpd-2.3.15-beta httpd-2.3.15-beta.tar.gz httpd-2.3.15-bin js-1.8.5-bin js-1.8.5 js185-1.0.0.tar.gz libcloud-0.4.2-bin libevent-2.0.13-stable libevent-2.0.13-stable-bin libevent-2.0.13-stable.tar.gz liboauth-0.9.1 liboauth-0.9.1-bin liboauth-0.9.1.tar.gz libopkele libopkele-bin libstrophe libstrophe-bin libxml2-2.7.7 libxml2-2.7.7-bin libxml2-sources-2.7.7.tar.gz memcached-1.4.7 memcached-1.4.7-bin memcached-1.4.7.tar.gz mod_auth_openid mod-auth-openid-bin modsecurity-apache_2.6.1 modsecurity-apache-2.6.0-bin modsecurity-apache_2.6.0.tar.gz modsecurity-crs_2.2.1 modsecurity-crs_2.2.1.tar.gz nspr-4.8.8-bin nspr-4.8.8 nspr-4.8.8.tar.gz nuvem pcre-8.12 pcre-8.12-bin pcre-8.12.zip pkg-config-0.25 pkg-config-0.25-bin pkg-config-0.25.tar.gz tidy tinycdb tinycdb-bin leveldb tuscany-sca-cpp tuscany-sca-cpp-bin
+tar czf tuscany-sca-cpp-1.0-src.tar.gz apache-libcloud-incubating-0.4.2 apache-libcloud-incubating-0.4.2.tar.bz2 apr-1.4.x apr-1.4.x-bin autoconf-2.13 autoconf-2.13-bin autoconf-2.13.tar.gz curl-7.19.5 curl-7.19.5-bin curl-7.19.5.tar.gz expat-2.0.1 expat-2.0.1-bin expat-2.0.1.tar.gz htmltidy-bin httpd-2.3.15-beta httpd-2.3.15-beta.tar.gz httpd-2.3.15-bin js-1.8.5-bin js-1.8.5 js185-1.0.0.tar.gz libcloud-0.4.2-bin libevent-2.0.13-stable libevent-2.0.13-stable-bin libevent-2.0.13-stable.tar.gz liboauth-0.9.1 liboauth-0.9.1-bin liboauth-0.9.1.tar.gz libopkele libopkele-bin libstrophe libstrophe-bin libxml2-2.7.7 libxml2-2.7.7-bin libxml2-sources-2.7.7.tar.gz memcached-1.4.7 memcached-1.4.7-bin memcached-1.4.7.tar.gz mod_auth_openid mod-auth-openid-bin modsecurity-apache_2.6.1 modsecurity-apache-2.6.0-bin modsecurity-apache_2.6.0.tar.gz modsecurity-crs_2.2.2 modsecurity-crs_2.2.2.tar.gz nspr-4.8.8-bin nspr-4.8.8 nspr-4.8.8.tar.gz nuvem pcre-8.12 pcre-8.12-bin pcre-8.12.zip pkg-config-0.25 pkg-config-0.25-bin pkg-config-0.25.tar.gz tidy tinycdb tinycdb-bin leveldb tuscany-sca-cpp tuscany-sca-cpp-bin
 
 # Create bin archive
 tar czf tuscany-sca-cpp-1.0.tar.gz apr-1.4.x-bin curl-7.19.5-bin expat-2.0.1-bin htmltidy-bin httpd-2.3.15-bin js-1.8.5-bin libcloud-0.4.2-bin libevent-2.0.13-stable-bin liboauth-0.9.1-bin libopkele-bin libstrophe-bin libxml2-2.7.7-bin memcached-1.4.7-bin mod-auth-openid-bin modsecurity-apache-2.6.1-bin nspr-4.8.8-bin nuvem/nuvem-parallel pcre-8.12-bin tinycdb-bin leveldb tuscany-sca-cpp tuscany-sca-cpp-bin
diff --git a/sca-cpp/trunk/modules/edit/Makefile.am b/sca-cpp/trunk/modules/edit/Makefile.am
index b6a6fc9419..98c0ecc2e9 100644
--- a/sca-cpp/trunk/modules/edit/Makefile.am
+++ b/sca-cpp/trunk/modules/edit/Makefile.am
@@ -20,16 +20,16 @@ if WANT_PYTHON
 moddir = $(prefix)/modules/edit
 dist_mod_SCRIPTS = start stop ssl-start mkapplinks
 
-BUILT_SOURCES = htdocs/headconfig.js htdocs/footconfig.js
-htdocs/headconfig.js:
-	touch htdocs/headconfig.js
+BUILT_SOURCES = htdocs/config.js htdocs/public/config.js
+htdocs/config.js:
+	touch htdocs/config.js
 
-htdocs/footconfig.js:
-	touch htdocs/footconfig.js
+htdocs/public/config.js:
+	touch htdocs/public/config.js
 
-not_minified = htdocs/public/iframe.html htdocs/create/index.html htdocs/page/index.html htdocs/login/index.html htdocs/notfound/index.html htdocs/oops/index.html htdocs/graph/index.html htdocs/notauth/index.html htdocs/account/index.html htdocs/home/index.html htdocs/index.html htdocs/notyet/index.html htdocs/clone/index.html htdocs/stats/index.html htdocs/app/index.html htdocs/logout/index.html htdocs/store/index.html htdocs/headconfig.js htdocs/footconfig.js
+not_minified = htdocs/public/iframe.html htdocs/create/index.html htdocs/page/index.html htdocs/login/index.html htdocs/public/notfound/index.html htdocs/public/oops/index.html htdocs/graph/index.html htdocs/public/notauth/index.html htdocs/account/index.html htdocs/home/index.html htdocs/index.html htdocs/public/notyet/index.html htdocs/clone/index.html htdocs/stats/index.html htdocs/app/index.html htdocs/logout/index.html htdocs/store/index.html htdocs/config.js htdocs/public/config.js
 
-minified = htdocs/public/iframe-min.html htdocs/create/index-min.html htdocs/page/index-min.html htdocs/login/index-min.html htdocs/notfound/index-min.html htdocs/oops/index-min.html htdocs/graph/index-min.html htdocs/notauth/index-min.html htdocs/account/index-min.html htdocs/home/index-min.html htdocs/index-min.html htdocs/notyet/index-min.html htdocs/clone/index-min.html htdocs/stats/index-min.html htdocs/app/index-min.html htdocs/logout/index-min.html htdocs/store/index-min.html htdocs/headconfig-min.js htdocs/footconfig-min.js
+minified = htdocs/public/iframe-min.html htdocs/create/index-min.html htdocs/page/index-min.html htdocs/login/index-min.html htdocs/public/notfound/index-min.html htdocs/public/oops/index-min.html htdocs/graph/index-min.html htdocs/public/notauth/index-min.html htdocs/account/index-min.html htdocs/home/index-min.html htdocs/index-min.html htdocs/public/notyet/index-min.html htdocs/clone/index-min.html htdocs/stats/index-min.html htdocs/app/index-min.html htdocs/logout/index-min.html htdocs/store/index-min.html htdocs/config-min.js htdocs/public/config-min.js
 
 resources = edit.composite *.py htdocs/*.cmf htdocs/*.ico htdocs/home/*.png htdocs/app/*.cmf htdocs/home/*.b64 htdocs/*.txt htdocs/public/*.png htdocs/public/*.b64 palettes/*/palette.composite accounts/*/*.account apps/*/app.composite apps/*/app.stats apps/*/htdocs/app.html dashboards/*/user.apps store/*/store.apps ${not_minified} ${minified}
 
diff --git a/sca-cpp/trunk/modules/edit/accounts.py b/sca-cpp/trunk/modules/edit/accounts.py
index 600134c054..4589f6c0cc 100644
--- a/sca-cpp/trunk/modules/edit/accounts.py
+++ b/sca-cpp/trunk/modules/edit/accounts.py
@@ -25,7 +25,7 @@ def accountid(user):
 # Get the current user's account
 def get(id, user, cache):
     account = cache.get(accountid(user))
-    if isNil(account):
+    if isNil(account) or account is None:
         return ()
     return account
 
diff --git a/sca-cpp/trunk/modules/edit/apps.py b/sca-cpp/trunk/modules/edit/apps.py
index a820f969cb..35a4c79e33 100644
--- a/sca-cpp/trunk/modules/edit/apps.py
+++ b/sca-cpp/trunk/modules/edit/apps.py
@@ -56,7 +56,7 @@ def get(id, cache, store, composites, pages):
     if isNil(id):
         return (("'feed", ("'title", "Apps"), ("'id", "apps")),)
     app = cache.get(appid(id));
-    if (isNil(app) or app is None):
+    if isNil(app) or app is None:
         return (("'entry", ("'title", car(id)), ("'id", car(id))),)
     return app
 
diff --git a/sca-cpp/trunk/modules/edit/composites.py b/sca-cpp/trunk/modules/edit/composites.py
index 7eb8593d18..87569a8700 100644
--- a/sca-cpp/trunk/modules/edit/composites.py
+++ b/sca-cpp/trunk/modules/edit/composites.py
@@ -33,7 +33,7 @@ def get(id, cache):
     if isNil(id):
         return (("'feed", ("'title", "Composites"), ("'id", "composites")),)
     app = cache.get(appid(id));
-    if (isNil(app) or app is None):
+    if isNil(app) or app is None:
         return (("'entry", ("'title", car(id)), ("'id", car(id))),)
     return (("'entry", ("'title", car(id)), ("'id", car(id)), ("'content", car(app))),)
 
diff --git a/sca-cpp/trunk/modules/edit/dashboards.py b/sca-cpp/trunk/modules/edit/dashboards.py
index 5e98c9cb59..f42106e0ec 100644
--- a/sca-cpp/trunk/modules/edit/dashboards.py
+++ b/sca-cpp/trunk/modules/edit/dashboards.py
@@ -25,7 +25,7 @@ def dashboardid(user):
 # Get a dashboard from the cache
 def getdashboard(id, cache):
     dashboard = cache.get(id)
-    if isNil(dashboard):
+    if isNil(dashboard) or dashboard is None:
         return ()
     return dashboard
 
diff --git a/sca-cpp/trunk/modules/edit/htdocs/app/cache-manifest.cmf b/sca-cpp/trunk/modules/edit/htdocs/app/cache-manifest.cmf
index b478c7cd3d..6ea53970aa 100644
--- a/sca-cpp/trunk/modules/edit/htdocs/app/cache-manifest.cmf
+++ b/sca-cpp/trunk/modules/edit/htdocs/app/cache-manifest.cmf
@@ -4,12 +4,12 @@ CACHE MANIFEST
 
 # App resources
 /favicon.ico
-/notauth/
-/notfound/
-/notyet/
-/oops/
 /public/iframe-min.html
 /public/img.png
+/public/notauth/
+/public/notfound/
+/public/notyet/
+/public/oops/
 /public/touchicon.png
 
 NETWORK:
diff --git a/sca-cpp/trunk/modules/edit/htdocs/app/index.html b/sca-cpp/trunk/modules/edit/htdocs/app/index.html
index 97ea0a3f79..0b01c1d3bd 100644
--- a/sca-cpp/trunk/modules/edit/htdocs/app/index.html
+++ b/sca-cpp/trunk/modules/edit/htdocs/app/index.html
@@ -48,6 +48,8 @@ appcache.get = function(uri) {
     if (http.status == 200) {
         if (http.getResponseHeader("X-Login") != null) {
             if (log) log('http error', u, 'X-Login');
+            // Redirect to login page if not signed in
+            document.location = '/login/';
             return null;
         } else if (http.responseText == '' || http.getResponseHeader("Content-Type") == null) {
             if (log) log('http error', u, 'No-Content');
@@ -57,6 +59,9 @@ appcache.get = function(uri) {
         return http.responseText;
     }
     if (log) log('http error', u, http.status, http.statusText);
+    // Redirect to login page if not signed in
+    if (http.status == 403)
+        document.location = '/login/';
     return null;
 };
 
@@ -69,6 +74,10 @@ appcache.get = function(uri) {
     document.head.appendChild(ui.declareCSS(appcache.get('/ui-min.css')));
 })();
 
+// Redirect to login page if not signed in
+if (document.location.protocol == 'https:' && !ui.signedin())
+    document.location = '/login/';
+
 </script>
 </head>
 <body class="delayed" onload="onload();">
@@ -77,7 +86,7 @@ appcache.get = function(uri) {
 <div id="headdiv" class="hsection">
 <script type="text/javascript">
 (function() {
-$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js')));
+$('headdiv').appendChild(ui.declareScript(appcache.get('/config-min.js')));
 })();
 </script>
 </div>
@@ -117,8 +126,8 @@ var locationcomp = sca.httpclient('location', '/' + appname + '/location');
 var appresources = [
     ['/all-min.js'],
     ['/ui-min.css'],
-    ['/footconfig-min.js'],
-    ['/headconfig-min.js'],
+    ['/config-min.js'],
+    ['/public/config-min.js']
 ];
 
 /**
@@ -889,11 +898,6 @@ function onload() {
 </script>
 
 <div id="footdiv" class="fsection">
-<script type="text/javascript">
-(function() {
-$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js')));
-})();
-</script>
 </div>
 
 </div>
diff --git a/sca-cpp/trunk/modules/edit/htdocs/cache-manifest.cmf b/sca-cpp/trunk/modules/edit/htdocs/cache-manifest.cmf
index 0be3e662d7..cb76f773a3 100644
--- a/sca-cpp/trunk/modules/edit/htdocs/cache-manifest.cmf
+++ b/sca-cpp/trunk/modules/edit/htdocs/cache-manifest.cmf
@@ -5,12 +5,12 @@ CACHE MANIFEST
 # App resources
 /
 /favicon.ico
-/notauth/
-/notfound/
-/notyet/
-/oops/
 /public/iframe-min.html
 /public/img.png
+/public/notauth/
+/public/notfound/
+/public/notyet/
+/public/oops/
 /public/touchicon.png
 
 NETWORK:
diff --git a/sca-cpp/trunk/modules/edit/htdocs/index.html b/sca-cpp/trunk/modules/edit/htdocs/index.html
index 547c11652a..0a57717a06 100644
--- a/sca-cpp/trunk/modules/edit/htdocs/index.html
+++ b/sca-cpp/trunk/modules/edit/htdocs/index.html
@@ -48,6 +48,8 @@ appcache.get = function(uri) {
     if (http.status == 200) {
         if (http.getResponseHeader("X-Login") != null) {
             if (log) log('http error', u, 'X-Login');
+            // Redirect to login page if not signed in
+            document.location = '/login/';
             return null;
         } else if (http.responseText == '' || http.getResponseHeader("Content-Type") == null) {
             if (log) log('http error', u, 'No-Content');
@@ -57,6 +59,9 @@ appcache.get = function(uri) {
         return http.responseText;
     }
     if (log) log('http error', u, http.status, http.statusText);
+    // Redirect to login page if not signed in
+    if (http.status == 403)
+        document.location = '/login/';
     return null;
 };
 
@@ -69,6 +74,10 @@ appcache.get = function(uri) {
     document.head.appendChild(ui.declareCSS(appcache.get('/ui-min.css')));
 })();
 
+// Redirect to login page if not signed in
+if (document.location.protocol == 'https:' && !ui.signedin())
+    document.location = '/login/';
+
 </script>
 </head>
 <body class="delayed" onload="onload();">
@@ -77,7 +86,7 @@ appcache.get = function(uri) {
 <div id="headdiv" class="hsection">
 <script type="text/javascript">
 (function() {
-$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js')));
+$('headdiv').appendChild(ui.declareScript(appcache.get('/config-min.js')));
 })();
 </script>
 </div>
@@ -117,13 +126,13 @@ var appresources = [
     ['/account/', 'flip'],
     ['/clone/', 'flip'],
     ['/create/', 'flip'],
-    ['/footconfig-min.js'],
     ['/graph/', 'flip'],
-    ['/headconfig-min.js'],
+    ['/config-min.js'],
     ['/home/', 'right'],
     ['/home/home.b64'],
     ['/page/', 'flip'],
     ['/public/app.b64'],
+    ['/public/config-min.js'],
     ['/public/grid72.b64'],
     ['/public/iframe-min.html'],
     ['/public/img.b64'],
@@ -249,7 +258,9 @@ function showmenu(mdiv, view, appname) {
                         ui.menu('Stats', '/#view=stats&app=' + appname, '_view', view == 'stats'),
                         ui.menu('Page', '/#view=page&app=' + appname, '_view', view == 'page'),
                         ui.menu(isNil(config.compose)? 'Composition' : config.compose, '/#view=graph&app=' + appname, '_view', view == 'graph'))),
-        mklist(ui.menu('Account', '/#view=account', '_view', view == 'account'), ui.menu('Sign out', '/logout/', '_self', false)));
+        mklist(
+            ui.menu('Account', '/#view=account', '_view', view == 'account'),
+            ui.signedin()? ui.menu('Sign out', '/logout/', '_self', false) : ui.menu('Sign in', '/login/', '_self', false)));
 }
 
 /**
@@ -486,11 +497,6 @@ function onload() {
 </script>
 
 <div id="footdiv" class="fsection">
-<script type="text/javascript">
-(function() {
-$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js')));
-})();
-</script>
 </div>
 
 </div>
diff --git a/sca-cpp/trunk/modules/edit/htdocs/login/index.html b/sca-cpp/trunk/modules/edit/htdocs/login/index.html
index 76709af15e..982f8cf446 100644
--- a/sca-cpp/trunk/modules/edit/htdocs/login/index.html
+++ b/sca-cpp/trunk/modules/edit/htdocs/login/index.html
@@ -32,7 +32,8 @@
 
 <h1>Sign in</h1>
 
-<form name="formSignin" onsubmit="submitSignin();" method="POST" action="/login/dologin/">
+<!--
+<form name="passwordSignin" onsubmit="submitPasswordSignin();" method="POST" action="/login/dologin/">
 <table border="0">
 <tr><td><b>Username:</b></td></tr>
 <tr><td><input type="text" id="httpd_username" name="httpd_username" value="" size="15" autocapitalize="off" placeholder="Enter your user name" style="width: 300px;"/></td></tr>
@@ -42,6 +43,33 @@
 </table>
 <input type="hidden" name="httpd_location" value="/"/>
 </form>
+-->
+
+<form name="openIDForm">
+<table border="0">
+<tr><td><b>Sign in with your Google account</b></td></tr>
+<tr><td><input type="button" value="Sign in" class="graybutton" style="font-weight: bold;" onclick="submitOpenIDSignin(withGoogle)"/></td></tr>
+</table>
+</form>
+
+<form name="oauth2Form">
+<table border="0">
+<tr><td><b>Sign in with your Facebook account</b></td></tr>
+<tr><td><input type="button"  value="Sign in" class="graybutton" style="font-weight: bold;" onclick="submitOAuth2Signin(withFacebook)"/></td></tr>
+</table>
+</form>
+
+<form name="openIDSignin" action="/" method="GET">
+<input type="hidden" name="openid_identifier" value=""/>
+</form>
+
+<form name="oauth2Signin" action="/" method="GET">
+<input type="hidden" name="mod_oauth2_authorize" value=""/>
+<input type="hidden" name="mod_oauth2_access_token" value=""/>
+<input type="hidden" name="mod_oauth2_client_id" value=""/>
+<input type="hidden" name="mod_oauth2_info" value=""/>
+<input type="hidden" name="mod_oauth2_step" value="authorize"/>
+</form>
 
 <script type="text/javascript">
 function queryParams() {
@@ -55,7 +83,7 @@ function queryParams() {
     return qp;
 }
 
-function oauthReferrer() {
+function formReferrer() {
     r = queryParams()['openauth_referrer'];
     if (typeof(r) == 'undefined')
         return '/';
@@ -68,11 +96,68 @@ function oauthReferrer() {
     return r;
 }
 
-function submitSignin() {
-    var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/';
+function openauthReferrer() {
+    r = queryParams()['openauth_referrer'];
+    if (typeof(r) == 'undefined')
+        return '/';
+    q = r.indexOf('?');
+    if (q > 0)
+        return r.substring(0, q);
+    return r;
+}
+
+/**
+ * Signin with a userid and password.
+ */
+function submitPasswordSignin() {
+    var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/';
+    document.cookie = reset;
+    localStorage.removeItem('/r/EditWidget/accounts');
+    localStorage.removeItem('/r/EditWidget/dashboards');
+    //localStorage.clear();
+    document.passwordSignin.httpd_location.value = formReferrer();
+    document.passwordSignin.submit();
+}
+
+/**
+ * Signin with OpenID.
+ */
+function submitOpenIDSignin(w) {
+    var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/';
+    document.cookie = reset;
+    localStorage.removeItem('/r/EditWidget/accounts');
+    localStorage.removeItem('/r/EditWidget/dashboards');
+    //localStorage.clear();
+    document.openIDSignin.openid_identifier.value = w();
+    document.openIDSignin.action = openauthReferrer();
+    document.openIDSignin.submit();
+}
+
+function withGoogle() {
+    return 'https://www.google.com/accounts/o8/id';
+}
+
+/**
+ * Signin with OAuth 2.0.
+ */
+function submitOAuth2Signin(w) {
+    parms = w();
+    var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/';
     document.cookie = reset;
-    document.formSignin.httpd_location.value = oauthReferrer();
-    document.formSignin.submit();
+    localStorage.removeItem('/r/EditWidget/accounts');
+    localStorage.removeItem('/r/EditWidget/dashboards');
+    //localStorage.clear();
+    document.oauth2Signin.mod_oauth2_authorize.value = parms[0];
+    document.oauth2Signin.mod_oauth2_access_token.value = parms[1];
+    document.oauth2Signin.mod_oauth2_client_id.value = parms[2];
+    document.oauth2Signin.mod_oauth2_info.value = parms[3];
+    document.oauth2Signin.action = openauthReferrer();
+    document.oauth2Signin.submit();
+}
+
+function withFacebook() {
+    var parms = ['https://graph.facebook.com/oauth/authorize', 'https://graph.facebook.com/oauth/access_token', 'facebook.com', 'https://graph.facebook.com/me'];
+    return parms;
 }
 
 /**
diff --git a/sca-cpp/trunk/modules/edit/htdocs/logout/index.html b/sca-cpp/trunk/modules/edit/htdocs/logout/index.html
index f5dd06ee99..133b6b7348 100644
--- a/sca-cpp/trunk/modules/edit/htdocs/logout/index.html
+++ b/sca-cpp/trunk/modules/edit/htdocs/logout/index.html
@@ -32,16 +32,18 @@
 
 <h1>Sign out</h1>
 
-<form name="signout" onsubmit="submitSignout();" action="/" method="GET">
+<form name="signout" onsubmit="submitSignout();" action="/login/" method="GET">
 <input type="submit" id="signOut" value="Sign out" class="graybutton" style="font-weight: bold"/>
 </form>
 
 <script type="text/javascript">
 function submitSignout() {
-    // Clear session cookie and local storage
+    // Clear session cookie and user-specific local storage entries
     var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/';
     document.cookie = reset;
-    localStorage.clear();
+    localStorage.removeItem('/r/EditWidget/accounts');
+    localStorage.removeItem('/r/EditWidget/dashboards');
+    //localStorage.clear();
     document.signout.submit();
     return true;
 }
diff --git a/sca-cpp/trunk/modules/edit/htdocs/notauth/index.html b/sca-cpp/trunk/modules/edit/htdocs/public/notauth/index.html
index b44ccb26e9..8a688c9aa5 100644
--- a/sca-cpp/trunk/modules/edit/htdocs/notauth/index.html
+++ b/sca-cpp/trunk/modules/edit/htdocs/public/notauth/index.html
@@ -76,7 +76,7 @@ appcache.get = function(uri) {
 <div id="headdiv" class="hsection">
 <script type="text/javascript">
 (function() {
-$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js')));
+$('headdiv').appendChild(ui.declareScript(appcache.get('/public/config-min.js')));
 })();
 </script>
 </div>
@@ -109,8 +109,8 @@ var cdiv = $('content');
  */
 function showmenu(mdiv) {
     mdiv.innerHTML = ui.menubar(
-        mklist(ui.menu('Home', '/', '_view', false), ui.menu('Store', '/#view=store', '_view', false)),
-            mklist(ui.menu('Account', '/#view=account', '_view', false), ui.menu('Sign out', '/logout/', '_self', false)));
+        mklist(ui.menu('Home', '/', '_view', false)),
+            mklist(ui.signedin()? ui.menu('Sign out', '/logout/', '_self', false) : ui.menu('Sign in', '/login/', '_self', false)));
 }
 
 showmenu(mdiv);
@@ -145,11 +145,6 @@ function onload() {
 </script>
 
 <div id="footdiv" class="fsection">
-<script type="text/javascript">
-(function() {
-$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js')));
-})();
-</script>
 </div>
 
 </div>
diff --git a/sca-cpp/trunk/modules/edit/htdocs/notfound/index.html b/sca-cpp/trunk/modules/edit/htdocs/public/notfound/index.html
index 6b3bb09824..b7ba34c416 100644
--- a/sca-cpp/trunk/modules/edit/htdocs/notfound/index.html
+++ b/sca-cpp/trunk/modules/edit/htdocs/public/notfound/index.html
@@ -76,7 +76,7 @@ appcache.get = function(uri) {
 <div id="headdiv" class="hsection">
 <script type="text/javascript">
 (function() {
-$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js')));
+$('headdiv').appendChild(ui.declareScript(appcache.get('/public/config-min.js')));
 })();
 </script>
 </div>
@@ -110,8 +110,8 @@ var cdiv = $('content');
  */
 function showmenu(mdiv) {
     mdiv.innerHTML = ui.menubar(
-        mklist(ui.menu('Home', '/', '_view', false), ui.menu('Store', '/#view=store', '_view', false)),
-            mklist(ui.menu('Account', '/#view=account', '_view', false), ui.menu('Sign out', '/logout/', '_self', false)));
+        mklist(ui.menu('Home', '/', '_view', false)),
+            mklist(ui.signedin()? ui.menu('Sign out', '/logout/', '_self', false) : ui.menu('Sign in', '/login/', '_self', false)));
 }
 
 showmenu(mdiv);
@@ -146,11 +146,6 @@ function onload() {
 </script>
 
 <div id="footdiv" class="fsection">
-<script type="text/javascript">
-(function() {
-$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js')));
-})();
-</script>
 </div>
 
 </div>
diff --git a/sca-cpp/trunk/modules/edit/htdocs/notyet/index.html b/sca-cpp/trunk/modules/edit/htdocs/public/notyet/index.html
index d01e535299..ca164f3172 100644
--- a/sca-cpp/trunk/modules/edit/htdocs/notyet/index.html
+++ b/sca-cpp/trunk/modules/edit/htdocs/public/notyet/index.html
@@ -76,7 +76,7 @@ appcache.get = function(uri) {
 <div id="headdiv" class="hsection">
 <script type="text/javascript">
 (function() {
-$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js')));
+$('headdiv').appendChild(ui.declareScript(appcache.get('/public/config-min.js')));
 })();
 </script>
 </div>
@@ -110,8 +110,8 @@ var cdiv = $('content');
  */
 function showmenu(mdiv) {
     mdiv.innerHTML = ui.menubar(
-        mklist(ui.menu('Home', '/', '_view', false), ui.menu('Store', '/#view=store', '_view', false)),
-            mklist(ui.menu('Account', '/#view=account', '_view', false), ui.menu('Sign out', '/logout/', '_self', false)));
+        mklist(ui.menu('Home', '/', '_view', false)),
+            mklist(ui.signedin()? ui.menu('Sign out', '/logout/', '_self', false) : ui.menu('Sign in', '/login/', '_self', false)));
 }
 
 showmenu(mdiv);
@@ -146,11 +146,6 @@ function onload() {
 </script>
 
 <div id="footdiv" class="fsection">
-<script type="text/javascript">
-(function() {
-$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js')));
-})();
-</script>
 </div>
 
 </div>
diff --git a/sca-cpp/trunk/modules/edit/htdocs/oops/index.html b/sca-cpp/trunk/modules/edit/htdocs/public/oops/index.html
index aeb5ae5d2c..8cfe2f6537 100644
--- a/sca-cpp/trunk/modules/edit/htdocs/oops/index.html
+++ b/sca-cpp/trunk/modules/edit/htdocs/public/oops/index.html
@@ -76,7 +76,7 @@ appcache.get = function(uri) {
 <div id="headdiv" class="hsection">
 <script type="text/javascript">
 (function() {
-$('headdiv').appendChild(ui.declareScript(appcache.get('/headconfig-min.js')));
+$('headdiv').appendChild(ui.declareScript(appcache.get('/public/config-min.js')));
 })();
 </script>
 </div>
@@ -109,8 +109,8 @@ var cdiv = $('content');
  */
 function showmenu(mdiv) {
     mdiv.innerHTML = ui.menubar(
-        mklist(ui.menu('Home', '/', '_view', false), ui.menu('Store', '/#view=store', '_view', false)),
-            mklist(ui.menu('Account', '/#view=account', '_view', false), ui.menu('Sign out', '/logout/', '_self', false)));
+        mklist(ui.menu('Home', '/', '_view', false)),
+            mklist(ui.signedin()? ui.menu('Sign out', '/logout/', '_self', false) : ui.menu('Sign in', '/login/', '_self', false)));
 }
 
 showmenu(mdiv);
@@ -145,11 +145,6 @@ function onload() {
 </script>
 
 <div id="footdiv" class="fsection">
-<script type="text/javascript">
-(function() {
-$('footdiv').appendChild(ui.declareScript(appcache.get('/footconfig-min.js')));
-})();
-</script>
 </div>
 
 </div>
diff --git a/sca-cpp/trunk/modules/edit/pages.py b/sca-cpp/trunk/modules/edit/pages.py
index aa84f40162..99392aeeef 100644
--- a/sca-cpp/trunk/modules/edit/pages.py
+++ b/sca-cpp/trunk/modules/edit/pages.py
@@ -33,7 +33,7 @@ def get(id, cache):
     if isNil(id):
         return (("'feed", ("'title", "Pages"), ("'id", "pages")),)
     xhtml = cache.get(appid(id))
-    if (isNil(xhtml) or xhtml is None):
+    if isNil(xhtml) or xhtml is None:
         return (("'entry", ("'title", car(id)), ("'id", car(id))),)
     return (("'entry", ("'title", car(id)), ("'id", car(id)), ("'content", car(xhtml))),)
 
diff --git a/sca-cpp/trunk/modules/edit/ssl-start b/sca-cpp/trunk/modules/edit/ssl-start
index f467371b80..5103566a5c 100755
--- a/sca-cpp/trunk/modules/edit/ssl-start
+++ b/sca-cpp/trunk/modules/edit/ssl-start
@@ -32,11 +32,30 @@ jsprefix=`echo "import os; print os.path.realpath('$here/../js')" | python`
 ../../modules/http/httpd-event-conf tmp
 ../../modules/http/httpd-ssl-conf tmp 8453
 
-# Configure authentication
-../../modules/http/open-auth-conf tmp
-../../modules/http/passwd-auth-conf tmp john john
-../../modules/http/passwd-auth-conf tmp jane jane
-../../modules/http/passwd-auth-conf tmp admin admin
+# Configure password authentication
+#../../modules/http/open-auth-conf tmp
+#../../modules/http/passwd-auth-conf tmp john john
+#../../modules/http/passwd-auth-conf tmp jane jane
+#../../modules/http/passwd-auth-conf tmp admin admin
+
+# Configure OAuth authentication
+# Configure your OAuth app keys here
+../../modules/oauth/oauth-conf tmp
+../../modules/oauth/oauth-memcached-conf tmp sca-store.com 11212
+../../modules/oauth/oauth2-appkey-conf tmp facebook.com 12345 67890
+
+# Configure OpenID step2 authentication
+../../modules/openid/openid-conf tmp
+../../modules/openid/openid-step2-conf tmp
+../../modules/openid/openid-memcached-conf tmp sca-store.com 11212
+
+# Configure authorized users
+#../../modules/http/group-auth-conf tmp john
+#../../modules/http/group-auth-conf tmp jane
+#../../modules/http/group-auth-conf tmp admin
+# Configure your OpenID and OAuth ids here
+../../modules/http/group-auth-conf tmp https://www.google.com/accounts/o8/id?id=45678
+../../modules/http/group-auth-conf tmp 23456789
 
 # Configure mod-security
 ../../modules/http/mod-security-conf tmp
@@ -48,9 +67,10 @@ jsprefix=`echo "import os; print os.path.realpath('$here/../js')" | python`
 # Configure error pages
 cat >>tmp/conf/svhost-ssl.conf <<EOF
 # Error pages
-ErrorDocument 404 /notfound/
-ErrorDocument 401 /notauth/
-ErrorDocument 500 /oops/
+ErrorDocument 404 /public/notfound/
+ErrorDocument 401 /public/notauth/
+ErrorDocument 500 /public/oops/
+ErrorDocument 405 /public/oops/
 
 EOF
 
@@ -100,8 +120,9 @@ EOF
 mkdir -p tmp/appdata/filedb
 
 # Start memcached
-../../components/cache/memcached-start
+../../components/cache/memcached-start 11211
+../../components/cache/memcached-start 11212
 
 # Start server
-../http/httpd-start tmp
+../../modules/http/httpd-start tmp
 
diff --git a/sca-cpp/trunk/modules/edit/start b/sca-cpp/trunk/modules/edit/start
index dfc6fa2b14..361cead2df 100755
--- a/sca-cpp/trunk/modules/edit/start
+++ b/sca-cpp/trunk/modules/edit/start
@@ -34,9 +34,10 @@ jsprefix=`echo "import os; print os.path.realpath('$here/../js')" | python`
 # Configure error pages
 cat >>tmp/conf/svhost.conf <<EOF
 # Error pages
-ErrorDocument 404 /notfound/
-ErrorDocument 401 /notauth/
-ErrorDocument 500 /oops/
+ErrorDocument 404 /public/notfound/
+ErrorDocument 401 /public/notauth/
+ErrorDocument 500 /public/oops/
+ErrorDocument 405 /public/oops/
 
 EOF
 
@@ -86,7 +87,8 @@ mkdir -p tmp/appdata/filedb
 
 # Start memcached
 ../../components/cache/memcached-start 11211
+../../components/cache/memcached-start 11212
 
 # Start server
-../http/httpd-start tmp
+../../modules/http/httpd-start tmp
 
diff --git a/sca-cpp/trunk/modules/edit/stop b/sca-cpp/trunk/modules/edit/stop
index bc831c18a6..60c25f88f5 100755
--- a/sca-cpp/trunk/modules/edit/stop
+++ b/sca-cpp/trunk/modules/edit/stop
@@ -17,6 +17,7 @@
 #  specific language governing permissions and limitations
 #  under the License.
 
-../http/httpd-stop tmp
+../../modules/http/httpd-stop tmp
 ../../components/cache/memcached-stop 11211
+../../components/cache/memcached-stop 11212
 
diff --git a/sca-cpp/trunk/modules/edit/store.py b/sca-cpp/trunk/modules/edit/store.py
index eaa68b1d23..79750975a5 100644
--- a/sca-cpp/trunk/modules/edit/store.py
+++ b/sca-cpp/trunk/modules/edit/store.py
@@ -25,7 +25,7 @@ def storeid(tag):
 # Get a store from the cache
 def getstore(id, cache):
     store = cache.get(id)
-    if isNil(store):
+    if isNil(store) or store is None:
         return ()
     return store
 
diff --git a/sca-cpp/trunk/modules/http/httpd-conf b/sca-cpp/trunk/modules/http/httpd-conf
index 516debd795..67de40e5a6 100755
--- a/sca-cpp/trunk/modules/http/httpd-conf
+++ b/sca-cpp/trunk/modules/http/httpd-conf
@@ -267,6 +267,11 @@ AuthUserFile "$root/conf/httpd.passwd"
 Require all granted
 </Location>
 
+# Mark login page with a header
+<Location /login>
+Header set X-Login open-auth
+</Location>
+
 EOF
 
 # Create password and group files
diff --git a/sca-cpp/trunk/modules/http/httpd.hpp b/sca-cpp/trunk/modules/http/httpd.hpp
index d413e6c288..c1cc16d08d 100644
--- a/sca-cpp/trunk/modules/http/httpd.hpp
+++ b/sca-cpp/trunk/modules/http/httpd.hpp
@@ -603,6 +603,7 @@ const int externalRedirect(const string& uri, request_rec* r) {
     debug(uri, "httpd::externalRedirect");
     r->status = HTTP_MOVED_TEMPORARILY;
     apr_table_setn(r->headers_out, "Location", apr_pstrdup(r->pool, c_str(uri)));
+    apr_table_setn(r->headers_out, "Cache-Control", "no-cache");
     r->filename = apr_pstrdup(r->pool, c_str(string("/redirect:/") + uri));
     return HTTP_MOVED_TEMPORARILY;
 }
diff --git a/sca-cpp/trunk/modules/http/open-auth-conf b/sca-cpp/trunk/modules/http/open-auth-conf
index bed20d75a9..66d36242e2 100755
--- a/sca-cpp/trunk/modules/http/open-auth-conf
+++ b/sca-cpp/trunk/modules/http/open-auth-conf
@@ -35,7 +35,7 @@ cat >>$root/conf/auth.conf <<EOF
 AuthType Open
 AuthName "$host"
 Session On
-SessionCookieName TuscanyOpenAuth domain=.$host; path=/; max-age=31556926
+SessionCookieName TuscanyOpenAuth domain=.$host; path=/
 SessionCryptoPassphrase $pw
 AuthOpenAuth On
 AuthOpenAuthLoginPage /login
@@ -53,10 +53,5 @@ Require valid-user
 SetHandler form-login-handler
 </Location>
 
-# Mark login page with a header
-<Location /login>
-Header set X-Login open-auth
-</Location>
-
 EOF
 
diff --git a/sca-cpp/trunk/modules/http/openauth.hpp b/sca-cpp/trunk/modules/http/openauth.hpp
index d7377324d9..e044a74fe2 100644
--- a/sca-cpp/trunk/modules/http/openauth.hpp
+++ b/sca-cpp/trunk/modules/http/openauth.hpp
@@ -77,7 +77,7 @@ const string cookie(const string& sid, const string& domain) {
     const time_t t = time(NULL) + 86400;
     char exp[32];
     strftime(exp, 32, "%a, %d-%b-%Y %H:%M:%S GMT", gmtime(&t));
-    const string c = string("TuscanyOpenAuth=") + sid + ";domain=." + domain + ";path=/;expires=" + string(exp) + ";secure=TRUE";
+    const string c = string("TuscanyOpenAuth=") + sid + "; expires=" + string(exp) + "; domain=." + domain + "; path=/";
     debug(c, "openauth::cookie");
     return c;
 }
diff --git a/sca-cpp/trunk/modules/js/htdocs/ui.js b/sca-cpp/trunk/modules/js/htdocs/ui.js
index d8628f6dd0..ee65d62e56 100644
--- a/sca-cpp/trunk/modules/js/htdocs/ui.js
+++ b/sca-cpp/trunk/modules/js/htdocs/ui.js
@@ -193,6 +193,13 @@ ui.windowtitle = function(host) {
 };
 
 /**
+ * Return true if the session cookie contains signin information.
+ */
+ui.signedin = function() {
+    return !isNil(document.cookie) && document.cookie.indexOf('TuscanyOpenAuth=') != -1;
+};
+
+/**
  * Convert a CSS position to a numeric position.
  */
 ui.numpos = function(p) {
diff --git a/sca-cpp/trunk/modules/oauth/htdocs/login/index.html b/sca-cpp/trunk/modules/oauth/htdocs/login/index.html
index 3805deade3..d1002f79ec 100644
--- a/sca-cpp/trunk/modules/oauth/htdocs/login/index.html
+++ b/sca-cpp/trunk/modules/oauth/htdocs/login/index.html
@@ -57,7 +57,7 @@ if (typeof(oauthReferrer()) == 'undefined') {
 
 function submitSignin2(w) {
     parms = w();
-    var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+    var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
     document.cookie = reset;
     document.signin2.mod_oauth2_authorize.value = parms[0];
     document.signin2.mod_oauth2_access_token.value = parms[1];
@@ -79,7 +79,7 @@ function withGithub() {
 
 function submitSignin1(w) {
     parms = w();
-    var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+    var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
     document.cookie = reset;
     document.signin1.mod_oauth1_request_token.value = parms[0];
     document.signin1.mod_oauth1_authorize.value = parms[1];
diff --git a/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html b/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html
index 8be8a4deaa..57484dc479 100644
--- a/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html
+++ b/sca-cpp/trunk/modules/oauth/htdocs/login/mixed.html
@@ -30,7 +30,7 @@
 
 <script type="text/javascript">
 function submitFormSignin() {
-    var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+    var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
     document.cookie = reset;
     document.formSignin.httpd_location.value = '/';
     document.formSignin.submit();
@@ -62,7 +62,7 @@ if (typeof(openauthReferrer()) == 'undefined') {
 }
 
 function submitOpenIDSignin(w) {
-    var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+    var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
     document.cookie = reset;
     document.openIDSignin.openid_identifier.value = w();
     document.openIDSignin.action = openauthReferrer();
@@ -111,7 +111,7 @@ function withXRDSEndpoint() {
 
 function submitOAuth2Signin(w) {
     parms = w();
-    var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+    var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
     document.cookie = reset;
     document.oauth2Signin.mod_oauth2_authorize.value = parms[0];
     document.oauth2Signin.mod_oauth2_access_token.value = parms[1];
@@ -133,7 +133,7 @@ function withGithub() {
 
 function submitOAuth1Signin(w) {
     parms = w();
-    var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+    var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
     document.cookie = reset;
     document.oauth1Signin.mod_oauth1_request_token.value = parms[0];
     document.oauth1Signin.mod_oauth1_authorize.value = parms[1];
diff --git a/sca-cpp/trunk/modules/oauth/htdocs/logout/index.html b/sca-cpp/trunk/modules/oauth/htdocs/logout/index.html
index 267c501b83..35172da07f 100644
--- a/sca-cpp/trunk/modules/oauth/htdocs/logout/index.html
+++ b/sca-cpp/trunk/modules/oauth/htdocs/logout/index.html
@@ -32,7 +32,7 @@
 <form name="signout" action="/login" method="GET">
 <script type="text/javascript">
 function submitSignout() {
-    var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + window.location.hostname + ';path=/;secure=TRUE';
+    var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
     document.cookie = reset;
     document.signout.submit();
     return true;
diff --git a/sca-cpp/trunk/modules/oauth/oauth-conf b/sca-cpp/trunk/modules/oauth/oauth-conf
index 02f81a240b..856eea7f39 100755
--- a/sca-cpp/trunk/modules/oauth/oauth-conf
+++ b/sca-cpp/trunk/modules/oauth/oauth-conf
@@ -41,6 +41,12 @@ LoadModule mod_tuscany_oauth2 $here/libmod_tuscany_oauth2$libsuffix
 
 EOF
 
+cat >$root/cert/oauth-keys.conf <<EOF
+# Generated by: oauth-conf $*
+# OAuth App keys
+
+EOF
+
 cat >>$root/conf/auth.conf <<EOF
 # Generated by: oauth-conf $*
 # Enable OAuth authentication
@@ -54,13 +60,14 @@ Require valid-user
 
 # Configure OAuth App keys
 Include $root/cert/oauth-keys.conf
-Include $HOME/.oauth/*-key.conf
 
 EOF
 
-cat >$root/cert/oauth-keys.conf <<EOF
-# Generated by: oauth-conf $*
-# OAuth App keys
+if [ -d "$HOME/.oauth" ]; then
+    cat >>$root/conf/auth.conf <<EOF
+# Configure OAuth App keys
+Include $HOME/.oauth/*-key.conf
 
 EOF
+fi
 
diff --git a/sca-cpp/trunk/modules/openid/htdocs/login/index.html b/sca-cpp/trunk/modules/openid/htdocs/login/index.html
index a90b669dd7..dcb10e111f 100644
--- a/sca-cpp/trunk/modules/openid/htdocs/login/index.html
+++ b/sca-cpp/trunk/modules/openid/htdocs/login/index.html
@@ -56,7 +56,7 @@ if (typeof(openidReferrer()) == 'undefined') {
 }
 
 function submitSignin(w) {
-    var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+    var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
     document.cookie = reset;
     document.signin.openid_identifier.value = w();
     document.signin.action = openidReferrer();
diff --git a/sca-cpp/trunk/modules/openid/htdocs/logout/index.html b/sca-cpp/trunk/modules/openid/htdocs/logout/index.html
index 7780e9dec3..35172da07f 100644
--- a/sca-cpp/trunk/modules/openid/htdocs/logout/index.html
+++ b/sca-cpp/trunk/modules/openid/htdocs/logout/index.html
@@ -32,7 +32,7 @@
 <form name="signout" action="/login" method="GET">
 <script type="text/javascript">
 function submitSignout() {
-    var reset = 'TuscanyOpenAuth=;expires=' + new Date(1970,01,01).toGMTString() + ';domain=.' + domainname(window.location.hostname) + ';path=/;secure=TRUE';
+    var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + window.location.hostname + '; path=/';
     document.cookie = reset;
     document.signout.submit();
     return true;
diff --git a/sca-cpp/trunk/modules/openid/openid-conf b/sca-cpp/trunk/modules/openid/openid-conf
index 4cc8bcdd40..021c8b1e82 100755
--- a/sca-cpp/trunk/modules/openid/openid-conf
+++ b/sca-cpp/trunk/modules/openid/openid-conf
@@ -44,8 +44,7 @@ Require valid-user
 AuthOpenIDEnabled On
 AuthOpenIDCookiePath /
 AuthOpenIDCookieName TuscanyOpenAuth
-AuthOpenIDSecureCookie On
-AuthOpenIDLoginPage /login
+AuthOpenIDLoginPage /login/
 AuthOpenIDAXAdd EMAIL http://axschema.org/contact/email
 AuthOpenIDAXAdd FULLNAME http://axschema.org/namePerson
 AuthOpenIDAXAdd NICKNAME http://axschema.org/namePerson/friendly
diff --git a/sca-cpp/trunk/macos/memcached-1.4.7.patch b/sca-cpp/trunk/patches/memcached-1.4.7.patch
index f34d75753e..f34d75753e 100644
--- a/sca-cpp/trunk/macos/memcached-1.4.7.patch
+++ b/sca-cpp/trunk/patches/memcached-1.4.7.patch
diff --git a/sca-cpp/trunk/patches/modsecurity-crs_2.2.2.patch b/sca-cpp/trunk/patches/modsecurity-crs_2.2.2.patch
new file mode 100644
index 0000000000..2ff56de749
--- /dev/null
+++ b/sca-cpp/trunk/patches/modsecurity-crs_2.2.2.patch
@@ -0,0 +1,8 @@
+--- base_rules/modsecurity_crs_40_generic_attacks.conf
++++ base_rules/modsecurity_crs_40_generic_attacks.conf
+164,165c164,165
+< SecRule ARGS "(?:ft|htt)ps?.*\?+$" \
+<         "phase:2,rev:'2.2.2',t:none,t:htmlEntityDecode,t:lowercase,capture,ctl:auditLogParts=+E,block,status:501,msg:'Remote File Inclusion Attack',id:'950119',severity:'2',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},setvar:tx.rfi_score=+%{tx.critical_anomaly_score},setvar:tx.%{rule.id}-WEB_ATTACK/RFI-%{matched_var_name}=%{tx.0}"
+---
+> #SecRule ARGS "(?:ft|htt)ps?.*\?+$" \
+> #        "phase:2,rev:'2.2.2',t:none,t:htmlEntityDecode,t:lowercase,capture,ctl:auditLogParts=+E,block,status:501,msg:'Remote File Inclusion Attack',id:'950119',severity:'2',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},setvar:tx.rfi_score=+%{tx.critical_anomaly_score},setvar:tx.%{rule.id}-WEB_ATTACK/RFI-%{matched_var_name}=%{tx.0}"
diff --git a/sca-cpp/trunk/ubuntu/ubuntu-install b/sca-cpp/trunk/ubuntu/ubuntu-install
index 40023e3ea0..7b46ee0872 100755
--- a/sca-cpp/trunk/ubuntu/ubuntu-install
+++ b/sca-cpp/trunk/ubuntu/ubuntu-install
@@ -237,8 +237,11 @@ fi
 cd $build
 curl -OL http://downloads.sourceforge.net/project/mod-security/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.2.tar.gz
 tar xzf modsecurity-crs_2.2.2.tar.gz
-cp -R $build/modsecurity-crs_2.2.2/base_rules $build/modsecurity-apache-2.6.1-bin
-cp -R $build/modsecurity-crs_2.2.2/optional_rules $build/modsecurity-apache-2.6.1-bin
+cd modsecurity-crs_2.2.2
+curl -OL http://svn.apache.org/repos/asf/tuscany/sca-cpp/trunk/patches/modsecurity-crs_2.2.2.patch
+patch -p0 <modsecurity-crs_2.2.2.patch
+cp -R base_rules $build/modsecurity-apache-2.6.1-bin
+cp -R optional_rules $build/modsecurity-apache-2.6.1-bin
 if [ "$?" != "0" ]; then
     exit $?
 fi
diff --git a/sca-cpp/trunk/ubuntu/ubuntu-install-all b/sca-cpp/trunk/ubuntu/ubuntu-install-all
index ea3023e39c..fc071931ac 100755
--- a/sca-cpp/trunk/ubuntu/ubuntu-install-all
+++ b/sca-cpp/trunk/ubuntu/ubuntu-install-all
@@ -291,8 +291,11 @@ fi
 cd $build
 curl -OL http://downloads.sourceforge.net/project/mod-security/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.2.tar.gz
 tar xzf modsecurity-crs_2.2.2.tar.gz
-cp -R $build/modsecurity-crs_2.2.2/base_rules $build/modsecurity-apache-2.6.1-bin
-cp -R $build/modsecurity-crs_2.2.2/optional_rules $build/modsecurity-apache-2.6.1-bin
+cd modsecurity-crs_2.2.2
+curl -OL http://svn.apache.org/repos/asf/tuscany/sca-cpp/trunk/patches/modsecurity-crs_2.2.2.patch
+patch -p0 <modsecurity-crs_2.2.2.patch
+cp -R base_rules $build/modsecurity-apache-2.6.1-bin
+cp -R optional_rules $build/modsecurity-apache-2.6.1-bin
 if [ "$?" != "0" ]; then
     exit $?
 fi
author	jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68>	2011-11-14 07:10:15 +0000
committer	jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68>	2011-11-14 07:10:15 +0000
commit	4bf0a7052b448315eda710857acafe24bb112a5b (patch)
tree	89b47bf8471da886a2c523721d76c6ebd5860c28 /sca-cpp
parent	1b4cab13b70f2d596ecb98e81073dbb45e0e85df (diff)