Add scripts to support 'Require valid-user' and 'Require group' authz configurations separately.

git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1041681 13f79535-47bb-0310-9956-ffa450edef68
jsdelfino 2010-12-03 03:59:19 +00:00
commit 8d13a8e4db
21 changed files with 113 additions and 41 deletions


@ -20,7 +20,7 @@ INCLUDES = -I${HTTPD_INCLUDE}
incl_HEADERS = *.hpp
incldir = $(prefix)/include/modules/http
dist_mod_SCRIPTS = httpd-conf httpd-addr httpd-start httpd-stop httpd-restart ssl-ca-conf ssl-cert-conf ssl-cert-find httpd-ssl-conf basic-auth-conf cert-auth-conf form-auth-conf open-auth-conf proxy-conf proxy-ssl-conf proxy-member-conf proxy-ssl-member-conf vhost-conf vhost-ssl-conf tunnel-ssl-conf httpd-worker-conf httpd-event-conf
dist_mod_SCRIPTS = httpd-conf httpd-addr httpd-start httpd-stop httpd-restart ssl-ca-conf ssl-cert-conf ssl-cert-find httpd-ssl-conf basic-auth-conf cert-auth-conf form-auth-conf open-auth-conf passwd-auth-conf group-auth-conf proxy-conf proxy-ssl-conf proxy-member-conf proxy-ssl-member-conf vhost-conf vhost-ssl-conf tunnel-ssl-conf httpd-worker-conf httpd-event-conf
moddir=$(prefix)/modules/http
curl_test_SOURCES = curl-test.cpp


@ -25,8 +25,6 @@ root=`readlink -f $1`
conf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-conf"`
host=`echo $conf | awk '{ print $6 }'`
httpd_prefix=`cat $here/httpd.prefix`
# Generate basic authentication configuration
cat >>$root/conf/auth.conf <<EOF
# Generated by: basic-auth-conf $*
@ -36,16 +34,8 @@ cat >>$root/conf/auth.conf <<EOF
AuthType Basic
AuthName "$host"
AuthBasicProvider file
AuthUserFile "$root/conf/httpd.passwd"
Require valid-user
</Location>
EOF
# Create test users
touch $root/conf/httpd.passwd
$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd test test 2>/dev/null
$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd admin admin 2>/dev/null
$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd foo foo 2>/dev/null
$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd bar bar 2>/dev/null


@ -25,8 +25,6 @@ root=`readlink -f $1`
conf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-conf"`
host=`echo $conf | awk '{ print $6 }'`
httpd_prefix=`cat $here/httpd.prefix`
# Generate authentication configuration
cat >>$root/conf/auth.conf <<EOF
# Generated by: cert-auth-conf $*
@ -38,14 +36,12 @@ SSLVerifyDepth 1
AuthType Basic
AuthName "$host"
AuthBasicProvider file
AuthUserFile "$root/conf/httpd.passwd"
Require valid-user
</Location>
EOF
# Create certificate-based users
touch $root/conf/httpd.passwd
# Create password file and certificate-based users
cat >>$root/conf/httpd.passwd <<EOF
/C=US/ST=CA/L=San Francisco/O=$host/OU=server/CN=$host:\$1\$OXLyS...\$Owx8s2/m9/gfkcRVXzgoE/
/C=US/ST=CA/L=San Francisco/O=$host/OU=proxy/CN=$host:\$1\$OXLyS...\$Owx8s2/m9/gfkcRVXzgoE/
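Review bot: The certificate entries appended here all carry the same fixed hash, and after this commit they land in the one httpd.passwd that httpd-conf binds to `<Location />` and that passwd-auth-conf also fills. If that hash is the usual fixed placeholder password for certificate-mapped users (not confirmable from this hunk), any password-based login path reading the same file would accept a certificate DN as a user name with that known password, without a client certificate being presented. A separate file for these entries, referenced by its own `AuthUserFile` inside the cert-auth `<Location>`, would keep the two sets of identities apart; at minimum the comment should read something like `# DN entries use a fixed placeholder password; only valid together with client-certificate verification`. The heredoc continues past the end of this hunk.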


@ -25,8 +25,6 @@ root=`readlink -f $1`
conf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-conf"`
host=`echo $conf | awk '{ print $6 }'`
httpd_prefix=`cat $here/httpd.prefix`
# Generate form authentication configuration
cat >>$root/conf/auth.conf <<EOF
# Generated by: form-auth-conf $*
@ -36,7 +34,6 @@ cat >>$root/conf/auth.conf <<EOF
AuthType Form
AuthName "$host"
AuthFormProvider file
AuthUserFile "$root/conf/httpd.passwd"
AuthFormLoginRequiredLocation /login
AuthFormLogoutLocation /
Session On
@ -55,10 +52,3 @@ SetHandler form-logout-handler
EOF
# Create test users
touch $root/conf/httpd.passwd
$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd test test 2>/dev/null
$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd admin admin 2>/dev/null
$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd foo foo 2>/dev/null
$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd bar bar 2>/dev/null


@ -0,0 +1,44 @@
#!/bin/sh
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
here=`readlink -f $0`; here=`dirname $here`
mkdir -p $1
root=`readlink -f $1`
user=$2
group="members"
# Add user to group
cat $root/conf/httpd.groups | awk " BEGIN { found = 0 } /$group: / { printf \"%s %s\n\", \$0, \"$user\"; found = 1 } !/$group: / { printf \"%s\n\", \$0 } END { if (found == 0) printf \"%s: %s\n\", \"$group\", \"$user\" } " >$root/conf/.httpd.groups.tmp 2>/dev/null
cp $root/conf/.httpd.groups.tmp $root/conf/httpd.groups
rm $root/conf/.httpd.groups.tmp
# Generate HTTPD group authorization configuration
conf=`cat $root/conf/auth.conf | grep "Generated by: group-auth-conf"`
if [ "$conf" = "" ]; then
cat >>$root/conf/auth.conf <<EOF
# Generated by: group-auth-conf $1
# Allow group member access to root location
<Location />
AuthGroupFile "$root/conf/httpd.groups"
Require group members
</Location>
EOF
fi
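Review bot: `$user` and `$group` are pasted into the awk program text inside double quotes, so a user id containing `"` or `\` changes the program rather than the data; because that line ends in `2>/dev/null` and the `cp` is unconditional, a failed awk run would silently replace httpd.groups with an empty file. The ids the sample scripts pass include full OpenID URLs, so this input is not limited to simple names. I would hand both values to awk through the environment, match the group name only at the start of a line (the current `/$group: /` matches anywhere), quote `$root`, and replace the file only when awk succeeds. The sketch below assumes httpd-conf has already created httpd.groups.

```shell
# … unchanged: here/root/user/group setup …
groups="$root/conf/httpd.groups"
tmp="$root/conf/.httpd.groups.tmp"
GROUP="$group" MEMBER="$user" awk '
    BEGIN { g = ENVIRON["GROUP"]; u = ENVIRON["MEMBER"]; found = 0 }
    index($0, g ": ") == 1 { print $0 " " u; found = 1; next }
    { print }
    END { if (!found) print g ": " u }
' "$groups" >"$tmp" && mv "$tmp" "$groups"
# … unchanged: auth.conf generation …
```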


@ -230,11 +230,21 @@ Require all granted
# Allow authorized access to root location
<Location />
Options FollowSymLinks
AuthUserFile "$root/conf/httpd.passwd"
Require all granted
</Location>
EOF
# Create password and group files
cat >$root/conf/httpd.passwd <<EOF
# Generated by: httpd-conf $*
EOF
cat >$root/conf/httpd.groups <<EOF
# Generated by: httpd-conf $*
EOF
# Generate vhost configuration
cat >$root/conf/vhost.conf <<EOF
# Generated by: httpd-conf $*
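Review bot: httpd.passwd is created here with whatever umask the caller happens to have, and passwd-auth-conf and cert-auth-conf later store credential hashes in it. Restricting it at creation keeps those hashes unreadable to other local accounts, for example `chmod 600 "$root/conf/httpd.passwd"` right after the heredoc (or 640 with the server's group, if httpd runs under a different account, which is not visible here). The `cat >` also truncates both files on every httpd-conf run, which drops previously added users and group members; a comment such as `# Re-running httpd-conf resets users and groups` would make that intent explicit. The script continues outside this hunk.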


@ -36,8 +36,6 @@ htdocs=`echo $conf | awk '{ print $8 }'`
mkdir -p $htdocs
htdocs=`readlink -f $htdocs`
httpd_prefix=`cat $here/httpd.prefix`
# Extract organization name from our CA certificate
org=`openssl x509 -noout -subject -nameopt multiline -in $root/cert/ca.crt | grep organizationName | awk -F "= " '{ print $2 }'`


@ -25,8 +25,6 @@ root=`readlink -f $1`
conf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-conf"`
host=`echo $conf | awk '{ print $6 }'`
httpd_prefix=`cat $here/httpd.prefix`
# Generate form authentication configuration
cat >>$root/conf/auth.conf <<EOF
# Generated by: open-auth-conf $*
@ -36,7 +34,6 @@ AuthType Open
AuthName "$host"
AuthOpenAuth On
AuthOpenAuthLoginPage /login
AuthUserFile "$root/conf/httpd.passwd"
Require valid-user
</Location>
@ -45,7 +42,6 @@ Require valid-user
AuthType Form
AuthName "$host"
AuthFormProvider file
AuthUserFile "$root/conf/httpd.passwd"
AuthFormLoginRequiredLocation /login
AuthFormLogoutLocation /
Session On
@ -57,10 +53,3 @@ SetHandler form-login-handler
EOF
# Create test users
touch $root/conf/httpd.passwd
$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd test test 2>/dev/null
$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd admin admin 2>/dev/null
$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd foo foo 2>/dev/null
$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd bar bar 2>/dev/null


@ -0,0 +1,31 @@
#!/bin/sh
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
here=`readlink -f $0`; here=`dirname $here`
mkdir -p $1
root=`readlink -f $1`
user=$2
pass=$3
httpd_prefix=`cat $here/httpd.prefix`
# Create password file
touch $root/conf/httpd.passwd
$httpd_prefix/bin/htpasswd -b $root/conf/httpd.passwd $user $pass 2>/dev/null
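Review bot: The final htpasswd line passes the password as a command-line argument, leaves `$user` and `$pass` unquoted, and discards stderr, so the password is visible in the process list while the command runs, a password containing spaces or glob characters is split, and a failed update goes unnoticed. With an htpasswd that supports `-i` (read the password from stdin) the line can become `printf '%s\n' "$pass" | "$httpd_prefix/bin/htpasswd" -i "$root/conf/httpd.passwd" "$user" || exit 1`, without the `2>/dev/null`. The script also never checks that `$2` and `$3` were supplied; `[ -n "$user" ] && [ -n "$pass" ] || exit 1` before the call would stop an empty entry from being attempted.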


@ -30,8 +30,6 @@ sslhost=$3
sslport=$4
tport=$5
httpd_prefix=`cat $here/httpd.prefix`
# Generate HTTPD configuration
cat >>$root/conf/httpd.conf <<EOF
# Generated by: tunnel-ssl-conf $*


@ -45,6 +45,13 @@ here=`readlink -f $0`; here=`dirname $here`
../openid/openid-memcached-conf tmp localhost 11213
../http/open-auth-conf tmp
../http/passwd-auth-conf tmp foo foo
# For this test to work you need to add your form, oauth and open id ids
# to the authorized user group
../../modules/http/group-auth-conf tmp foo
../../modules/http/group-auth-conf tmp 123456
../../modules/http/group-auth-conf tmp https://www.google.com/accounts/o8/id?id=12345678
../../modules/server/server-conf tmp
../../modules/server/scheme-conf tmp
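Review bot: The OpenID identifier passed to group-auth-conf is unquoted, and its `?` is a shell glob character, so the argument depends on what happens to exist under the working directory; write it as `'https://www.google.com/accounts/o8/id?id=12345678'`. The same applies to the group-auth-conf line added to the OpenID start script later in this commit. The ids `foo`, `123456` and the URL are placeholders that the comment asks the reader to replace, so the comment should also say that every id listed here is authorized for the whole `<Location />` that group-auth-conf generates.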


@ -18,6 +18,9 @@
# under the License.
# Setup
../../ubuntu/ip-redirect-all 80 8090
../../ubuntu/ip-redirect-all 443 8453
../../components/cache/memcached-start 11212
../../components/cache/memcached-start 11213
@ -36,6 +39,10 @@
./oauth2-appkey-conf tmp facebook.com app1234 secret6789
./oauth2-appkey-conf tmp github.com app5678 secret8901
# For this test to work you need to add your oauth user id to the
# authorized user group
../../modules/http/group-auth-conf tmp 123456
../../modules/server/server-conf tmp
../../modules/server/scheme-conf tmp
cat >>tmp/conf/httpd.conf <<EOF


@ -31,6 +31,10 @@
./openid-memcached-conf tmp localhost 11213
./openid-step2-conf tmp
# For this test to work you need to add your openid to the
# the authorized user group
../../modules/http/group-auth-conf tmp https://www.google.com/accounts/o8/id?id=1234567
../../modules/server/server-conf tmp
../../modules/server/scheme-conf tmp
cat >>tmp/conf/httpd.conf <<EOF


@ -41,6 +41,7 @@ tar -C tmp/ssl -c `../../modules/http/ssl-cert-find tmp/ssl` | tar -C $root -x
../../modules/openid/openid-memcached-conf $root localhost 11212
../../modules/openid/openid-memcached-conf $root localhost 11213
../../modules/http/open-auth-conf $root
../../modules/http/passwd-auth-conf $root foo foo
../../modules/server/server-conf $root
../../modules/python/python-conf $root
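Review bot: `passwd-auth-conf $root foo foo` seeds a user whose password equals its name into `$root`, which here is not the throwaway `tmp` directory the sample start scripts use. If this script sets up a server meant to stay running (the surrounding lines copy certificates into `$root`), that account is a known credential on it. Take the user and password from arguments or the environment instead, or add a comment such as `# sample account only - replace before exposing this server`. The other start scripts in this commit add the same line against `tmp`.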


@ -22,6 +22,7 @@
../../modules/http/httpd-conf tmp localhost 8090 htdocs
../../modules/http/httpd-ssl-conf tmp 8453
../../modules/http/basic-auth-conf tmp
../../modules/http/passwd-auth-conf tmp foo foo
../../modules/server/server-conf tmp
../../modules/server/cpp-conf tmp
cat >>tmp/conf/httpd.conf <<EOF


@ -22,6 +22,7 @@
../../modules/http/httpd-conf tmp localhost 8090 htdocs
../../modules/http/httpd-ssl-conf tmp 8453
../../modules/http/basic-auth-conf tmp
../../modules/http/passwd-auth-conf tmp foo foo
../../modules/server/server-conf tmp
../../modules/java/java-conf tmp
cat >>tmp/conf/httpd.conf <<EOF


@ -22,6 +22,7 @@
../../modules/http/httpd-conf tmp localhost 8090 htdocs
../../modules/http/httpd-ssl-conf tmp 8453
../../modules/http/basic-auth-conf tmp
../../modules/http/passwd-auth-conf tmp foo foo
../../modules/server/server-conf tmp
../../modules/server/scheme-conf tmp
cat >>tmp/conf/httpd.conf <<EOF


@ -22,6 +22,7 @@
../../modules/http/httpd-conf tmp localhost 8090 htdocs
../../modules/http/httpd-ssl-conf tmp 8453
../../modules/http/open-auth-conf tmp
../../modules/http/passwd-auth-conf tmp foo foo
../../modules/server/server-conf tmp
../../modules/python/python-conf tmp
cat >>tmp/conf/httpd.conf <<EOF


@ -22,6 +22,7 @@
../../modules/http/httpd-conf tmp localhost 8090 htdocs
../../modules/http/httpd-ssl-conf tmp 8453
../../modules/http/basic-auth-conf tmp
../../modules/http/passwd-auth-conf tmp foo foo
../../modules/server/server-conf tmp
../../modules/server/scheme-conf tmp
cat >>tmp/conf/httpd.conf <<EOF


@ -22,6 +22,7 @@
../../modules/http/httpd-conf tmp localhost 8090 htdocs
../../modules/http/httpd-ssl-conf tmp 8453
../../modules/http/basic-auth-conf tmp
../../modules/http/passwd-auth-conf tmp foo foo
../../modules/server/server-conf tmp
../../modules/server/scheme-conf tmp
cat >>tmp/conf/httpd.conf <<EOF


@ -28,6 +28,7 @@
../../modules/http/httpd-ssl-conf tmp 8453
../../modules/http/vhost-ssl-conf tmp
../../modules/http/basic-auth-conf tmp
../../modules/http/passwd-auth-conf tmp foo foo
../../modules/server/server-conf tmp
../../modules/python/python-conf tmp
cat >>tmp/conf/httpd.conf <<EOF