mod_auth_form: Make sure that basic authentication is correctly

faked directly after login.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@690506 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index 0bd0753f2a9500c2a73cbdcc9270e8e34b8790d6..845b2244d7a5861672d12e12dbac911c2d3ddb29 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,9 @@
 Changes with Apache 2.3.0
 [ When backported to 2.2.x, remove entry from this file ]
 
+  *) mod_auth_form: Make sure that basic authentication is correctly
+     faked directly after login. [Graham Leggett]
+
   *) mod_session_cookie, mod_session_dbd: Make sure cookies are set both
      within the output headers and error output headers, so that the
      session is maintained across redirects. [Graham Leggett]

diff --git a/modules/aaa/mod_auth_form.c b/modules/aaa/mod_auth_form.c
index fd981cfe72573fc57a59653fe985ed1902e4315f..dfbb30d2ea120bf49e25e9c4a3aedf83dfabfc17 100644 (file)
--- a/modules/aaa/mod_auth_form.c
+++ b/modules/aaa/mod_auth_form.c
@@ -972,6 +972,7 @@ static int authenticate_form_authn(request_rec * r)
         if (OK == rv) {
             rv = check_authn(r, sent_user, sent_pw);
             if (OK == rv) {
+                fake_basic_authentication(r, conf, sent_user, sent_pw);
                 set_session_auth(r, sent_user, sent_pw, conf->site);
                 if (sent_loc) {
                     apr_table_set(r->headers_out, "Location", sent_loc);