From 50b290072e213a7aeb62d6bac5ad4b67a6fc42eb Mon Sep 17 00:00:00 2001
From: jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68>
Date: Sat, 24 Jul 2010 23:21:38 +0000
Subject: Change OpenID conf to protect the entire tree under a host, and work
 with OpenID step2 discovery.

git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@978945 13f79535-47bb-0310-9956-ffa450edef68
---
 sca-cpp/trunk/modules/openid/openid-step2-conf | 72 ++++++++++++++++++++++++++
 1 file changed, 72 insertions(+)
 create mode 100755 sca-cpp/trunk/modules/openid/openid-step2-conf

(limited to 'sca-cpp/trunk/modules/openid/openid-step2-conf')

diff --git a/sca-cpp/trunk/modules/openid/openid-step2-conf b/sca-cpp/trunk/modules/openid/openid-step2-conf
new file mode 100755
index 0000000000..4ca4150483
--- /dev/null
+++ b/sca-cpp/trunk/modules/openid/openid-step2-conf
@@ -0,0 +1,72 @@
+#!/bin/sh
+
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#  
+#    http://www.apache.org/licenses/LICENSE-2.0
+#    
+#  Unless required by applicable law or agreed to in writing,
+#  software distributed under the License is distributed on an
+#  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#  KIND, either express or implied.  See the License for the
+#  specific language governing permissions and limitations
+#  under the License.
+
+# Generate an OpenID Step2 server conf
+here=`readlink -f $0`; here=`dirname $here`
+root=`readlink -f $1`
+host=$2
+port=`echo $3 | awk -F "/" '{ print $1 }'`
+pport=`echo $3 | awk -F "/" '{ print $2 }'`
+if [ "$pport" = "" ]; then
+    pport=$port
+fi
+htdocs=`readlink -f $4`
+
+# Configure HTTPD to serve OpenID XRDS and LRDD documents
+cat >>$root/conf/httpd.conf <<EOF
+# Serve OpenID XRDS document
+Alias /openid $root/conf/openid.xrds
+<Location /openid>
+AuthOpenIDEnabled Off
+ForceType application/xrds+xml
+</Location>
+
+# Serve OpenID LRDD document
+Alias /.well-known/host-meta $root/conf/openid.lrdd
+<Location /.well-known/host-meta>
+AuthOpenIDEnabled Off
+ForceType text/plain
+</Location>
+
+EOF
+
+# Generate OpenID XRDS document
+cat >$root/conf/openid.xrds <<EOF
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://\$xrds" xmlns="xri://\$xrd*(\$v*2.0)">
+<XRD>
+<CanonicalID>$host</CanonicalID>
+<Service priority="0">
+<Type>http://specs.openid.net/auth/2.0/server</Type>
+<Type>http://specs.openid.net/auth/2.0/signon</Type>
+<Type>http://openid.net/srv/ax/1.0</Type>
+<Type>http://specs.openid.net/extensions/ui/1.0/mode/popup</Type>
+<Type>http://specs.openid.net/extensions/ui/1.0/icon</Type>
+<Type>http://specs.openid.net/extensions/pape/1.0</Type>
+<URI>https://www.google.com/a/$host/o8/ud?be=o8</URI>
+</Service>
+</XRD>
+</xrds:XRDS>
+EOF
+
+# Generate OpenID LRDD document
+cat >$root/conf/openid.lrdd <<EOF
+Link: <https://www.google.com/accounts/o8/site-xrds?hd=$host>; rel="describedby http://reltype.google.com/openid/xrd-op"; type="application/xrds+xml"
+EOF
+
-- 
cgit v1.2.3