18b3a48e84
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1517413 13f79535-47bb-0310-9956-ffa450edef68
126 lines
3.1 KiB
Bash
Executable file
126 lines
3.1 KiB
Bash
Executable file
#!/bin/sh
|
|
|
|
# Licensed to the Apache Software Foundation (ASF) under one
|
|
# or more contributor license agreements. See the NOTICE file
|
|
# distributed with this work for additional information
|
|
# regarding copyright ownership. The ASF licenses this file
|
|
# to you under the Apache License, Version 2.0 (the
|
|
# "License"); you may not use this file except in compliance
|
|
# with the License. You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing,
|
|
# software distributed under the License is distributed on an
|
|
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
# KIND, either express or implied. See the License for the
|
|
# specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
# Generate a minimal HTTPD form authentication configuration
|
|
here=`echo "import os; print os.path.realpath('$0')" | python`; here=`dirname $here`
|
|
mkdir -p $1
|
|
root=`echo "import os; print os.path.realpath('$1')" | python`
|
|
|
|
uname=`uname -s`
|
|
if [ $uname = "Darwin" ]; then
|
|
libsuffix=".dylib"
|
|
else
|
|
libsuffix=".so"
|
|
fi
|
|
|
|
conf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-conf"`
|
|
host=`echo $conf | awk '{ print $6 }'`
|
|
|
|
sslconf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-ssl-conf"`
|
|
if [ "$sslconf" = "" ]; then
|
|
sslsuffix=""
|
|
else
|
|
sslsuffix="-ssl"
|
|
fi
|
|
|
|
if [ "$2" = "" ]; then
|
|
providers="file"
|
|
else
|
|
providers="file $2"
|
|
fi
|
|
|
|
if [ "$3" = "" ]; then
|
|
pw=`cat $root/cert/ca.key | head -2 | tail -1`
|
|
else
|
|
pw="$3"
|
|
fi
|
|
|
|
# Configure HTTPD mod_tuscany_openauth module
|
|
cat >>$root/conf/modules.conf <<EOF
|
|
# Generated by: open-auth-conf $*
|
|
# Load support for Open authentication
|
|
LoadModule mod_tuscany_openauth $here/libmod_tuscany_openauth$libsuffix
|
|
|
|
EOF
|
|
|
|
# Configure session crypto
|
|
cat >>$root/conf/httpd.conf <<EOF
|
|
# Configure session crypto
|
|
SessionCryptoPassphrase $pw
|
|
SessionCryptoDriver openssl
|
|
|
|
EOF
|
|
|
|
# Disallow public access to server resources
|
|
cat >$root/conf/noauth$sslsuffix.conf <<EOF
|
|
# Generated by: open-auth-conf $*
|
|
# Disallow public access to server resources
|
|
|
|
EOF
|
|
|
|
# Generate form authentication configuration
|
|
cat >>$root/conf/locauth$sslsuffix.conf <<EOF
|
|
# Generated by: open-auth-conf $*
|
|
# Enable Tuscany open authentication
|
|
<Location />
|
|
AuthType Open
|
|
AuthName "$host"
|
|
AuthOpenAuthProvider socache $providers
|
|
AuthnCacheProvideFor $providers
|
|
AuthnCacheContext /
|
|
AuthOpenAuthLoginPage /login/
|
|
Session On
|
|
SessionMaxAge 0
|
|
AuthOpenAuth On
|
|
Require valid-user
|
|
</Location>
|
|
|
|
# Use HTTPD form-based authentication
|
|
<Location /login/dologin>
|
|
SetHandler form-login-handler
|
|
AuthType Form
|
|
AuthName "$host"
|
|
AuthFormProvider socache $providers
|
|
AuthFormLoginRequiredLocation /login/?openauth_attempt=1
|
|
Session On
|
|
Require valid-user
|
|
</Location>
|
|
|
|
<Location /logout/dologout>
|
|
SetHandler mod_tuscany_openauth_logout
|
|
AuthType Open
|
|
AuthName "$host"
|
|
Session On
|
|
Require valid-user
|
|
</Location>
|
|
|
|
EOF
|
|
|
|
cat >>$root/conf/pubauth$sslsuffix.conf <<EOF
|
|
# Generated by: open-auth-conf $*
|
|
# Enable Tuscany open authentication
|
|
<Location /login/dologin>
|
|
Session On
|
|
</Location>
|
|
<Location /logout/dologout>
|
|
Session On
|
|
</Location>
|
|
|
|
EOF
|
|
|