now populates r->user with the (possibly unauthenticated) user,
and mod_auth_digest returns 500 when a provider returns
AUTH_GENERAL_ERROR
Reviewed by: justin
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102719 13f79535-47bb-0310-9956-ffa450edef68
AuthDigestProvider dbm? This results in a great kaboom. The patch makes
apache throw an error, if someone tries a provider, that doesn't support
the particular auth scheme.
Submitted by: Andre Malo <nd@perlig.de>
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97802 13f79535-47bb-0310-9956-ffa450edef68
not only break, if access is granted. It should also break, if
access was *denied* by one provider. To be safe, it has to break
also, if an error occured. So the patch turns the condition around
and continues only, if the user was not found.
I find it also weird, that if auth was denied (by password
usually), the AuthBasicAuthoritative behaviour can override that
by "passing to lower modules". The patch changes that behaviour,
too.
Justin notes:
I'm kind of on the fence about that. I was originally thinking
optimistically, but yeah, it might make sense to do it
pessimistically. If there's any error, bug out.
Submitted by: Andre Malo <nd@perlig.de>
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97801 13f79535-47bb-0310-9956-ffa450edef68
the DSO link problems for DAV and the new aaa modules by moving the
provider code into the core of the server and generalizing them to be
used by any code.
Remove the auth{nz}_*_provider functions as they are no longer needed.
Change the dav_*_provider functions to wrap the ap_*_provider functions
as they have a bit more of a historical precedent that we should keep
around.
Reviewed by: John K. Sterling <john@sterls.com> (in concept)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96919 13f79535-47bb-0310-9956-ffa450edef68
do not have to re-implement basic auth and to allow mod_auth_digest (and
other modules) to leverage the authn backends.
Adds AuthBasicProvider and AuthDigestProvider directives.
This also moves a lot of the basic auth handling code inside of mod_auth_basic
(but does not remove the code in server/protocol.c - that will have to wait
for a version bump so that we don't totally bust old modules).
This patch incorporates code review comments by Greg Stein.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96739 13f79535-47bb-0310-9956-ffa450edef68
All modules are reorganized under the following scheme:
- mod_auth_*: Front-end (basic, digest)
- mod_authn_*: Authentication (anon, dbm, default, file)
- mod_authz_*: Authorization (dbm, default, groupfile, host, user)
This passes the httpd-test suite when it accounts for the renaming of
aaa modules.
Originally written by: Dirk-Willem van Gulik
Completed by: Justin Erenkrantz
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96728 13f79535-47bb-0310-9956-ffa450edef68
