diff options
Diffstat (limited to 'sca-cpp/trunk/modules')
-rw-r--r-- | sca-cpp/trunk/modules/http/Makefile.am | 2 | ||||
-rwxr-xr-x | sca-cpp/trunk/modules/http/basic-auth-conf | 10 | ||||
-rwxr-xr-x | sca-cpp/trunk/modules/http/cert-auth-conf | 6 | ||||
-rwxr-xr-x | sca-cpp/trunk/modules/http/form-auth-conf | 10 | ||||
-rwxr-xr-x | sca-cpp/trunk/modules/http/group-auth-conf | 44 | ||||
-rwxr-xr-x | sca-cpp/trunk/modules/http/httpd-conf | 10 | ||||
-rwxr-xr-x | sca-cpp/trunk/modules/http/httpd-ssl-conf | 2 | ||||
-rwxr-xr-x | sca-cpp/trunk/modules/http/open-auth-conf | 11 | ||||
-rwxr-xr-x | sca-cpp/trunk/modules/http/passwd-auth-conf | 31 | ||||
-rwxr-xr-x | sca-cpp/trunk/modules/http/tunnel-ssl-conf | 2 | ||||
-rwxr-xr-x | sca-cpp/trunk/modules/oauth/start-mixed-test | 7 | ||||
-rwxr-xr-x | sca-cpp/trunk/modules/oauth/start-test | 7 | ||||
-rwxr-xr-x | sca-cpp/trunk/modules/openid/start-test | 4 |
13 files changed, 105 insertions, 41 deletions
diff --git a/sca-cpp/trunk/modules/http/Makefile.am b/sca-cpp/trunk/modules/http/Makefile.am index af8ab4d1c3..a47b83fbf0 100644 --- a/sca-cpp/trunk/modules/http/Makefile.am +++ b/sca-cpp/trunk/modules/http/Makefile.am @@ -20,7 +20,7 @@ INCLUDES = -I${HTTPD_INCLUDE} incl_HEADERS = *.hpp incldir = $(prefix)/include/modules/http -dist_mod_SCRIPTS = httpd-conf httpd-addr httpd-start httpd-stop httpd-restart ssl-ca-conf ssl-cert-conf ssl-cert-find httpd-ssl-conf basic-auth-conf cert-auth-conf form-auth-conf open-auth-conf proxy-conf proxy-ssl-conf proxy-member-conf proxy-ssl-member-conf vhost-conf vhost-ssl-conf tunnel-ssl-conf httpd-worker-conf httpd-event-conf +dist_mod_SCRIPTS = httpd-conf httpd-addr httpd-start httpd-stop httpd-restart ssl-ca-conf ssl-cert-conf ssl-cert-find httpd-ssl-conf basic-auth-conf cert-auth-conf form-auth-conf open-auth-conf passwd-auth-conf group-auth-conf proxy-conf proxy-ssl-conf proxy-member-conf proxy-ssl-member-conf vhost-conf vhost-ssl-conf tunnel-ssl-conf httpd-worker-conf httpd-event-conf moddir=$(prefix)/modules/http curl_test_SOURCES = curl-test.cpp diff --git a/sca-cpp/trunk/modules/http/basic-auth-conf b/sca-cpp/trunk/modules/http/basic-auth-conf index 74f4a61959..c3018e1174 100755 --- a/sca-cpp/trunk/modules/http/basic-auth-conf +++ b/sca-cpp/trunk/modules/http/basic-auth-conf @@ -25,8 +25,6 @@ root=`readlink -f $1` conf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-conf"` host=`echo $conf | awk '{ print $6 }'` -httpd_prefix=`cat $here/httpd.prefix` - # Generate basic authentication configuration cat >>$root/conf/auth.conf <<EOF # Generated by: basic-auth-conf $* @@ -36,16 +34,8 @@ cat >>$root/conf/auth.conf <<EOF AuthType Basic AuthName "$host" AuthBasicProvider file -AuthUserFile "$root/conf/httpd.passwd" Require valid-user </Location> EOF -# Create test users -touch $root/conf/httpd.passwd -$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd test test 2>/dev/null -$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd admin admin 2>/dev/null -$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd foo foo 2>/dev/null -$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd bar bar 2>/dev/null - diff --git a/sca-cpp/trunk/modules/http/cert-auth-conf b/sca-cpp/trunk/modules/http/cert-auth-conf index 00494d99f2..c6720c7ae4 100755 --- a/sca-cpp/trunk/modules/http/cert-auth-conf +++ b/sca-cpp/trunk/modules/http/cert-auth-conf @@ -25,8 +25,6 @@ root=`readlink -f $1` conf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-conf"` host=`echo $conf | awk '{ print $6 }'` -httpd_prefix=`cat $here/httpd.prefix` - # Generate authentication configuration cat >>$root/conf/auth.conf <<EOF # Generated by: cert-auth-conf $* @@ -38,14 +36,12 @@ SSLVerifyDepth 1 AuthType Basic AuthName "$host" AuthBasicProvider file -AuthUserFile "$root/conf/httpd.passwd" Require valid-user </Location> EOF -# Create certificate-based users -touch $root/conf/httpd.passwd +# Create password file and certificate-based users cat >>$root/conf/httpd.passwd <<EOF /C=US/ST=CA/L=San Francisco/O=$host/OU=server/CN=$host:\$1\$OXLyS...\$Owx8s2/m9/gfkcRVXzgoE/ /C=US/ST=CA/L=San Francisco/O=$host/OU=proxy/CN=$host:\$1\$OXLyS...\$Owx8s2/m9/gfkcRVXzgoE/ diff --git a/sca-cpp/trunk/modules/http/form-auth-conf b/sca-cpp/trunk/modules/http/form-auth-conf index a58a800058..a9077116da 100755 --- a/sca-cpp/trunk/modules/http/form-auth-conf +++ b/sca-cpp/trunk/modules/http/form-auth-conf @@ -25,8 +25,6 @@ root=`readlink -f $1` conf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-conf"` host=`echo $conf | awk '{ print $6 }'` -httpd_prefix=`cat $here/httpd.prefix` - # Generate form authentication configuration cat >>$root/conf/auth.conf <<EOF # Generated by: form-auth-conf $* @@ -36,7 +34,6 @@ cat >>$root/conf/auth.conf <<EOF AuthType Form AuthName "$host" AuthFormProvider file -AuthUserFile "$root/conf/httpd.passwd" AuthFormLoginRequiredLocation /login AuthFormLogoutLocation / Session On @@ -55,10 +52,3 @@ SetHandler form-logout-handler EOF -# Create test users -touch $root/conf/httpd.passwd -$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd test test 2>/dev/null -$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd admin admin 2>/dev/null -$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd foo foo 2>/dev/null -$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd bar bar 2>/dev/null - diff --git a/sca-cpp/trunk/modules/http/group-auth-conf b/sca-cpp/trunk/modules/http/group-auth-conf new file mode 100755 index 0000000000..dc8dad8641 --- /dev/null +++ b/sca-cpp/trunk/modules/http/group-auth-conf @@ -0,0 +1,44 @@ +#!/bin/sh + +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +here=`readlink -f $0`; here=`dirname $here` +mkdir -p $1 +root=`readlink -f $1` +user=$2 +group="members" + +# Add user to group +cat $root/conf/httpd.groups | awk " BEGIN { found = 0 } /$group: / { printf \"%s %s\n\", \$0, \"$user\"; found = 1 } !/$group: / { printf \"%s\n\", \$0 } END { if (found == 0) printf \"%s: %s\n\", \"$group\", \"$user\" } " >$root/conf/.httpd.groups.tmp 2>/dev/null +cp $root/conf/.httpd.groups.tmp $root/conf/httpd.groups +rm $root/conf/.httpd.groups.tmp + +# Generate HTTPD group authorization configuration +conf=`cat $root/conf/auth.conf | grep "Generated by: group-auth-conf"` +if [ "$conf" = "" ]; then + cat >>$root/conf/auth.conf <<EOF +# Generated by: group-auth-conf $1 +# Allow group member access to root location +<Location /> +AuthGroupFile "$root/conf/httpd.groups" +Require group members +</Location> + +EOF +fi + diff --git a/sca-cpp/trunk/modules/http/httpd-conf b/sca-cpp/trunk/modules/http/httpd-conf index a77141af5f..ed2b7bb06d 100755 --- a/sca-cpp/trunk/modules/http/httpd-conf +++ b/sca-cpp/trunk/modules/http/httpd-conf @@ -230,11 +230,21 @@ Require all granted # Allow authorized access to root location <Location /> Options FollowSymLinks +AuthUserFile "$root/conf/httpd.passwd" Require all granted </Location> EOF +# Create password and group files +cat >$root/conf/httpd.passwd <<EOF +# Generated by: httpd-conf $* +EOF + +cat >$root/conf/httpd.groups <<EOF +# Generated by: httpd-conf $* +EOF + # Generate vhost configuration cat >$root/conf/vhost.conf <<EOF # Generated by: httpd-conf $* diff --git a/sca-cpp/trunk/modules/http/httpd-ssl-conf b/sca-cpp/trunk/modules/http/httpd-ssl-conf index 0a73809fa5..5882a18cb4 100755 --- a/sca-cpp/trunk/modules/http/httpd-ssl-conf +++ b/sca-cpp/trunk/modules/http/httpd-ssl-conf @@ -36,8 +36,6 @@ htdocs=`echo $conf | awk '{ print $8 }'` mkdir -p $htdocs htdocs=`readlink -f $htdocs` -httpd_prefix=`cat $here/httpd.prefix` - # Extract organization name from our CA certificate org=`openssl x509 -noout -subject -nameopt multiline -in $root/cert/ca.crt | grep organizationName | awk -F "= " '{ print $2 }'` diff --git a/sca-cpp/trunk/modules/http/open-auth-conf b/sca-cpp/trunk/modules/http/open-auth-conf index f2304a0b86..2bd5bc3504 100755 --- a/sca-cpp/trunk/modules/http/open-auth-conf +++ b/sca-cpp/trunk/modules/http/open-auth-conf @@ -25,8 +25,6 @@ root=`readlink -f $1` conf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-conf"` host=`echo $conf | awk '{ print $6 }'` -httpd_prefix=`cat $here/httpd.prefix` - # Generate form authentication configuration cat >>$root/conf/auth.conf <<EOF # Generated by: open-auth-conf $* @@ -36,7 +34,6 @@ AuthType Open AuthName "$host" AuthOpenAuth On AuthOpenAuthLoginPage /login -AuthUserFile "$root/conf/httpd.passwd" Require valid-user </Location> @@ -45,7 +42,6 @@ Require valid-user AuthType Form AuthName "$host" AuthFormProvider file -AuthUserFile "$root/conf/httpd.passwd" AuthFormLoginRequiredLocation /login AuthFormLogoutLocation / Session On @@ -57,10 +53,3 @@ SetHandler form-login-handler EOF -# Create test users -touch $root/conf/httpd.passwd -$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd test test 2>/dev/null -$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd admin admin 2>/dev/null -$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd foo foo 2>/dev/null -$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd bar bar 2>/dev/null - diff --git a/sca-cpp/trunk/modules/http/passwd-auth-conf b/sca-cpp/trunk/modules/http/passwd-auth-conf new file mode 100755 index 0000000000..89a3f19e4b --- /dev/null +++ b/sca-cpp/trunk/modules/http/passwd-auth-conf @@ -0,0 +1,31 @@ +#!/bin/sh + +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +here=`readlink -f $0`; here=`dirname $here` +mkdir -p $1 +root=`readlink -f $1` +user=$2 +pass=$3 + +httpd_prefix=`cat $here/httpd.prefix` + +# Create password file +touch $root/conf/httpd.passwd +$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd $user $pass 2>/dev/null + diff --git a/sca-cpp/trunk/modules/http/tunnel-ssl-conf b/sca-cpp/trunk/modules/http/tunnel-ssl-conf index c401a73253..8cf4ada20a 100755 --- a/sca-cpp/trunk/modules/http/tunnel-ssl-conf +++ b/sca-cpp/trunk/modules/http/tunnel-ssl-conf @@ -30,8 +30,6 @@ sslhost=$3 sslport=$4 tport=$5 -httpd_prefix=`cat $here/httpd.prefix` - # Generate HTTPD configuration cat >>$root/conf/httpd.conf <<EOF # Generated by: tunnel-ssl-conf $* diff --git a/sca-cpp/trunk/modules/oauth/start-mixed-test b/sca-cpp/trunk/modules/oauth/start-mixed-test index c368c29ed2..bfd7667ce4 100755 --- a/sca-cpp/trunk/modules/oauth/start-mixed-test +++ b/sca-cpp/trunk/modules/oauth/start-mixed-test @@ -45,6 +45,13 @@ here=`readlink -f $0`; here=`dirname $here` ../openid/openid-memcached-conf tmp localhost 11213 ../http/open-auth-conf tmp +../http/passwd-auth-conf tmp foo foo + +# For this test to work you need to add your form, oauth and open id ids +# to the authorized user group +../../modules/http/group-auth-conf tmp foo +../../modules/http/group-auth-conf tmp 123456 +../../modules/http/group-auth-conf tmp https://www.google.com/accounts/o8/id?id=12345678 ../../modules/server/server-conf tmp ../../modules/server/scheme-conf tmp diff --git a/sca-cpp/trunk/modules/oauth/start-test b/sca-cpp/trunk/modules/oauth/start-test index 8fd9d01302..0e859ce6e6 100755 --- a/sca-cpp/trunk/modules/oauth/start-test +++ b/sca-cpp/trunk/modules/oauth/start-test @@ -18,6 +18,9 @@ # under the License. # Setup +../../ubuntu/ip-redirect-all 80 8090 +../../ubuntu/ip-redirect-all 443 8453 + ../../components/cache/memcached-start 11212 ../../components/cache/memcached-start 11213 @@ -36,6 +39,10 @@ ./oauth2-appkey-conf tmp facebook.com app1234 secret6789 ./oauth2-appkey-conf tmp github.com app5678 secret8901 +# For this test to work you need to add your oauth user id to the +# authorized user group +../../modules/http/group-auth-conf tmp 123456 + ../../modules/server/server-conf tmp ../../modules/server/scheme-conf tmp cat >>tmp/conf/httpd.conf <<EOF diff --git a/sca-cpp/trunk/modules/openid/start-test b/sca-cpp/trunk/modules/openid/start-test index 55e7a13f26..7ae27c57cd 100755 --- a/sca-cpp/trunk/modules/openid/start-test +++ b/sca-cpp/trunk/modules/openid/start-test @@ -31,6 +31,10 @@ ./openid-memcached-conf tmp localhost 11213 ./openid-step2-conf tmp +# For this test to work you need to add your openid to the +# the authorized user group +../../modules/http/group-auth-conf tmp https://www.google.com/accounts/o8/id?id=1234567 + ../../modules/server/server-conf tmp ../../modules/server/scheme-conf tmp cat >>tmp/conf/httpd.conf <<EOF |