work out a few more bugs and now it works. Still needs some clean up and the rest of the authz modules need to be converted

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/authz-dev@351573 13f79535-47bb-0310-9956-ffa450edef68
author: Bradley Nicholes <bnicholes@apache.org> 2005-12-02 04:15:56 +0000
committer: Bradley Nicholes <bnicholes@apache.org> 2005-12-02 04:15:56 +0000
commit: 4a8d4c42dded52f2d85953b2259d2353362161e4 (patch)
tree: a7e3e5c8374d595cbdfacb3835d17a4c93c03745
parent: 4e7c9f4aa376258c98701305426c63ada0d3199e (diff)
download: httpd-4a8d4c42dded52f2d85953b2259d2353362161e4.tar.gz
4 files changed, 33 insertions, 17 deletions
diff --git a/modules/aaa/mod_auth.h b/modules/aaa/mod_auth.h
index 1b15633757..43c372bd83 100644
--- a/modules/aaa/mod_auth.h
+++ b/modules/aaa/mod_auth.h
@@ -51,6 +51,13 @@ typedef enum {
     AUTH_GENERAL_ERROR
 } authn_status;
 
+typedef enum {
+    AUTHZ_DENIED,
+    AUTHZ_DECLINED,
+    AUTHZ_GRANTED,
+    AUTHZ_GENERAL_ERROR
+} authz_status;
+
 typedef struct {
     /* Given a username and password, expected to return AUTH_GRANTED
      * if we can validate this user/password combination.
@@ -78,7 +85,7 @@ typedef struct {
     /* Given a request_rec, expected to return AUTH_GRANTED
     * if we can authorize user access.
     */
-    authn_status (*check_authorization)(request_rec *r, apr_int64_t method_mask, const char *require_line);
+    authz_status (*check_authorization)(request_rec *r, apr_int64_t method_mask, const char *require_line);
 } authz_provider;
 
 /* A linked-list of authn providers. */
diff --git a/modules/aaa/mod_authz_host.c b/modules/aaa/mod_authz_host.c
index 09e4447aab..6ccbb84f38 100644
--- a/modules/aaa/mod_authz_host.c
+++ b/modules/aaa/mod_authz_host.c
@@ -431,7 +431,7 @@ static int authorize_user(request_rec *r)
 {
     authz_host_dir_conf *conf = ap_get_module_config(r->per_dir_config,
             &authz_host_module);
-    authn_status auth_result;
+    authz_status auth_result;
     authz_provider_list *current_provider;
 
     current_provider = conf->providers;
@@ -448,7 +448,7 @@ static int authorize_user(request_rec *r)
             if (!provider || !provider->check_authorization) {
                 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
                               "No Authz provider configured");
-                auth_result = AUTH_GENERAL_ERROR;
+                auth_result = AUTHZ_GENERAL_ERROR;
                 break;
             }
             apr_table_setn(r->notes, AUTHZ_PROVIDER_NAME_NOTE, AUTHZ_DEFAULT_PROVIDER);
@@ -464,7 +464,7 @@ static int authorize_user(request_rec *r)
         apr_table_unset(r->notes, AUTHZ_PROVIDER_NAME_NOTE);
 
         /* Something occured. Stop checking. */
-        if (auth_result != AUTH_DENIED) {
+        if (auth_result != AUTHZ_DENIED) {
             break;
         }
 
@@ -476,7 +476,7 @@ static int authorize_user(request_rec *r)
         current_provider = current_provider->next;
     } while (current_provider);
 
-    if (auth_result != AUTH_GRANTED) {
+    if (auth_result != AUTHZ_GRANTED) {
         int return_code;
 
 /* XXX need to deal with DECLINED vs DENIED.  DECLINED may not even
@@ -485,13 +485,13 @@ static int authorize_user(request_rec *r)
    according to the order and the Authz_xxx_Authoritative directives.
 */
         switch (auth_result) {
-            case AUTH_DENIED:
+            case AUTHZ_DENIED:
                 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
                               "user %s: authorization failure for \"%s\": ",
                               r->user, r->uri);
                 return_code = HTTP_UNAUTHORIZED;
                 break;
-            case AUTH_GENERAL_ERROR:
+            case AUTHZ_GENERAL_ERROR:
             default:
             /* We'll assume that the module has already said what its error
                 * was in the logs.
@@ -535,15 +535,16 @@ static int authz_some_auth_required(request_rec *r)
         * provider.
         */
         if (!current_provider) {
-            provider = ap_lookup_provider(AUTHZ_PROVIDER_GROUP,
+/*            provider = ap_lookup_provider(AUTHZ_PROVIDER_GROUP,
                                           AUTHZ_DEFAULT_PROVIDER, "0");
 
             if (!provider || !provider->check_authorization) {
                 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
                               "No Authz providers configured.  Assmuming no authorization required.");
+*/
                 req_authz = 0;
                 break;
-            }
+/*            }*/
         }
         else {
             provider = current_provider->provider;
@@ -600,7 +601,7 @@ module AP_MODULE_DECLARE_DATA authz_host_module =
 {
     STANDARD20_MODULE_STUFF,
     create_authz_host_dir_config,   /* dir config creater */
-    merge_authz_host_dir_config,    /* dir merger --- default is to override */
+    NULL,                           /* dir merger --- default is to override */
     NULL,                           /* server config */
     NULL,                           /* merge server config */
     authz_host_cmds,
diff --git a/modules/aaa/mod_authz_user.c b/modules/aaa/mod_authz_user.c
index 82e307b52a..15efaa47d2 100644
--- a/modules/aaa/mod_authz_user.c
+++ b/modules/aaa/mod_authz_user.c
@@ -117,14 +117,14 @@ static int check_user_access(request_rec *r)
 }
 #endif
 
-static authn_status user_check_authorization(request_rec *r, apr_int64_t method_mask, const char *require_line)
+static authz_status user_check_authorization(request_rec *r, apr_int64_t method_mask, const char *require_line)
 {
     char *user = r->user;
     int m = r->method_number;
     const char *t, *w;
 
     if (!(method_mask & (AP_METHOD_BIT << m))) {
-        return DECLINED;
+        return AUTHZ_DECLINED;
     }
 
     t = require_line;
@@ -136,7 +136,7 @@ static authn_status user_check_authorization(request_rec *r, apr_int64_t method_
         while (t[0]) {
             w = ap_getword_conf(r->pool, &t);
             if (!strcmp(user, w)) {
-                return OK;
+                return AUTHZ_GRANTED;
             }
         }
     }
@@ -147,17 +147,17 @@ static authn_status user_check_authorization(request_rec *r, apr_int64_t method_
                   r->uri, user);
 
     ap_note_auth_failure(r);
-    return HTTP_UNAUTHORIZED;
+    return AUTHZ_GENERAL_ERROR;
 }
 
-static authn_status validuser_check_authorization(request_rec *r, apr_int64_t method_mask, const char *require_line)
+static authz_status validuser_check_authorization(request_rec *r, apr_int64_t method_mask, const char *require_line)
 {
     int m = r->method_number;
 
     if (!(method_mask & (AP_METHOD_BIT << m))) {
-        return DECLINED;
+        return AUTHZ_DECLINED;
     }
-    return OK;
+    return AUTHZ_GRANTED;
 }
 
 static const authz_provider authz_user_provider =
diff --git a/server/core.c b/server/core.c
index 8af4c04838..2e18810905 100644
--- a/server/core.c
+++ b/server/core.c
@@ -268,6 +268,14 @@ static void *merge_core_dir_configs(apr_pool_t *a, void *basev, void *newv)
         conf->ap_default_type = new->ap_default_type;
     }
 
+    if (new->ap_auth_type) {
+        conf->ap_auth_type = new->ap_auth_type;
+    }
+
+    if (new->ap_auth_name) {
+        conf->ap_auth_name = new->ap_auth_name;
+    }
+
     if (conf->response_code_strings == NULL) {
         conf->response_code_strings = new->response_code_strings;
     }
author	Bradley Nicholes <bnicholes@apache.org>	2005-12-02 04:15:56 +0000
committer	Bradley Nicholes <bnicholes@apache.org>	2005-12-02 04:15:56 +0000
commit	4a8d4c42dded52f2d85953b2259d2353362161e4 (patch)
tree	a7e3e5c8374d595cbdfacb3835d17a4c93c03745
parent	4e7c9f4aa376258c98701305426c63ada0d3199e (diff)
download	httpd-4a8d4c42dded52f2d85953b2259d2353362161e4.tar.gz