www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2026-01-06 09:01:14 +03:00
Code Activity

mod_authn_dbd: Export any additional columns queried in the SQL select

Browse Source 
into the environment with the name AUTHENTICATE_<COLUMN>. This brings
mod_authn_dbd behaviour in line with mod_authnz_ldap.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@466865 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Graham Leggett
2006-10-22 19:11:51 +00:00
parent 1edf74155f
commit 2d79512131
5 changed files with 75 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@@ -2,6 +2,10 @@
Changes with Apache 2.3.0
[Remove entries to the current 2.0 and 2.2 section below, when backported]
*) mod_authn_dbd: Export any additional columns queried in the SQL select
into the environment with the name AUTHENTICATE_<COLUMN>. This brings
mod_authn_dbd behaviour in line with mod_authnz_ldap. [Graham Leggett]
*) mod_dbd: Key the storage of prepared statements on the hex string
value of server_rec, rather than the server name, as the server name
may change (eg when the server name is set) at any time, causing

9
docs/manual/mod/mod_authn_dbd.xml
View File

@@ -111,7 +111,10 @@ DBDExptime 60</code>
<example>
AuthDBDUserPWQuery "SELECT password FROM authn WHERE username = %s"
</example>
<p>If httpd was built against apr v1.3.0 or higher, any additional
columns specified in the select statement will be inserted into
the environment with the name <code>AUTHENTICATE_&lt;COLUMN&gt;</code>.
</p>
</usage>
</directivesynopsis>
@@ -133,6 +136,10 @@ DBDExptime 60</code>
AuthDBDUserRealmQuery "SELECT password FROM authn
WHERE username = %s AND realm = %s"
</example>
<p>If httpd was built against apr v1.3.0 or higher, any additional
columns specified in the select statement will be inserted into
the environment with the name <code>AUTHENTICATE_&lt;COLUMN&gt;</code>.
</p>
</usage>
</directivesynopsis>

2
modules/aaa/mod_auth.h
View File

@@ -44,6 +44,8 @@ extern "C" {
#define AUTHZ_PROVIDER_NAME_NOTE "authz_provider_name"
#define AUTHZ_ACCESS_PASSED_NOTE "authz_access_passed"
#define AUTHN_PREFIX "AUTHENTICATE_"
/** all of the requirements must be met */
#define SATISFY_ALL 0
/** any of the requirements must be met */

64
modules/aaa/mod_authn_dbd.c
View File

@@ -18,11 +18,13 @@
#include "httpd.h"
#include "http_config.h"
#include "http_log.h"
#include "apr_lib.h"
#include "apr_dbd.h"
#include "mod_dbd.h"
#include "apr_strings.h"
#include "mod_auth.h"
#include "apr_md5.h"
#include "apu_version.h"
module AP_MODULE_DECLARE_DATA authn_dbd_module;
@@ -101,13 +103,13 @@ static authn_status authn_dbd_password(request_rec *r, const char *user,
}
if (conf->user == NULL) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No DBD Authn configured!");
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No AuthDBDUserPWQuery has been specified.");
return AUTH_GENERAL_ERROR;
}
statement = apr_hash_get(dbd->prepared, conf->user, APR_HASH_KEY_STRING);
if (statement == NULL) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No DBD Authn configured!");
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "A prepared statement could not be found for AuthDBDUserPWQuery, key '%s'.", conf->user);
return AUTH_GENERAL_ERROR;
}
if (apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res, statement,
@@ -126,6 +128,33 @@ static authn_status authn_dbd_password(request_rec *r, const char *user,
}
if (dbd_password == NULL) {
dbd_password = apr_dbd_get_entry(dbd->driver, row, 0);
#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 3)
/* add the rest of the columns to the environment */
int i = 1;
const char *name;
for (name = apr_dbd_get_name(dbd->driver, res, i);
name != NULL;
name = apr_dbd_get_name(dbd->driver, res, i)) {
char *str = apr_pstrcat(r->pool, AUTHN_PREFIX,
name,
NULL);
int j = 13;
while (str[j]) {
if (!apr_isalnum(str[j])) {
str[j] = '_';
}
else {
str[j] = apr_toupper(str[j]);
}
j++;
}
apr_table_setn(r->subprocess_env, str,
apr_dbd_get_entry(dbd->driver, row, i));
i++;
}
#endif
}
/* we can't break out here or row won't get cleaned up */
}
@@ -160,12 +189,12 @@ static authn_status authn_dbd_realm(request_rec *r, const char *user,
return AUTH_GENERAL_ERROR;
}
if (conf->realm == NULL) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No DBD Authn configured!");
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No AuthDBDUserRealmQuery has been specified.");
return AUTH_GENERAL_ERROR;
}
statement = apr_hash_get(dbd->prepared, conf->realm, APR_HASH_KEY_STRING);
if (statement == NULL) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No DBD Authn configured!");
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "A prepared statement could not be found for AuthDBDUserRealmQuery, key '%s'.", conf->realm);
return AUTH_GENERAL_ERROR;
}
if (apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res, statement,
@@ -184,6 +213,33 @@ static authn_status authn_dbd_realm(request_rec *r, const char *user,
}
if (dbd_hash == NULL) {
dbd_hash = apr_dbd_get_entry(dbd->driver, row, 0);
#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 3)
/* add the rest of the columns to the environment */
int i = 1;
const char *name;
for (name = apr_dbd_get_name(dbd->driver, res, i);
name != NULL;
name = apr_dbd_get_name(dbd->driver, res, i)) {
char *str = apr_pstrcat(r->pool, AUTHN_PREFIX,
name,
NULL);
int j = 13;
while (str[j]) {
if (!apr_isalnum(str[j])) {
str[j] = '_';
}
else {
str[j] = apr_toupper(str[j]);
}
j++;
}
apr_table_setn(r->subprocess_env, str,
apr_dbd_get_entry(dbd->driver, row, i));
i++;
}
#endif
}
/* we can't break out here or row won't get cleaned up */
}

2
modules/aaa/mod_authnz_ldap.c
View File

@@ -433,7 +433,7 @@ start_over:
apr_table_t *e = r->subprocess_env;
int i = 0;
while (sec->attributes[i]) {
char *str = apr_pstrcat(r->pool, "AUTHENTICATE_", sec->attributes[i], NULL);
char *str = apr_pstrcat(r->pool, AUTHN_PREFIX, sec->attributes[i], NULL);
int j = 13;
while (str[j]) {
if (str[j] >= 'a' && str[j] <= 'z') {