mod_auth_form: Support the expr parser in the
authorRainer Jung <rjung@apache.org>
Tue, 11 Dec 2012 10:21:11 +0000 (10:21 +0000)
committerRainer Jung <rjung@apache.org>
Tue, 11 Dec 2012 10:21:11 +0000 (10:21 +0000)
AuthFormLoginRequiredLocation, AuthFormLoginSuccessLocation
and AuthFormLogoutLocation directives.

mod_auth_form: Make sure 500 Internal Server Error is
returned should an error occur while parsing an expression.

Submitted by: minfrin
Backported by: minfrin
Reviewed by: minfrin, sf, rjung

Backports of r1388648 and r1418721 from trunk.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1420071 13f79535-47bb-0310-9956-ffa450edef68

CHANGES
STATUS
docs/manual/mod/mod_auth_form.xml
modules/aaa/mod_auth_form.c

diff --git a/CHANGES b/CHANGES
index 39e017eb6ccdb1c6f6019a9b3cb75c76ca7b0d48..a7b7b5189b367e2404cb7480f2c6f0a5b90ffdf8 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,10 @@
 
 Changes with Apache 2.4.4
 
+  *) mod_auth_form: Support the expr parser in the
+     AuthFormLoginRequiredLocation, AuthFormLoginSuccessLocation and
+     AuthFormLogoutLocation directives. [Graham Leggett]
+
   *) mod_ssl: Add support for TLS-SRP (Secure Remote Password key exchange
      for TLS, RFC 5054). PR 51075. [Quinn Slack <sqs cs stanford edu>,
      Christophe Renou, Peter Sylvester]
diff --git a/STATUS b/STATUS
index dc166f9bc40c1ce641195cf96217212e454a7d9d..d4249a2c86420e9fc560b138432a94855a7a4eb9 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -91,16 +91,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-   * mod_auth_form: Support the expr parser in the
-     AuthFormLoginRequiredLocation, AuthFormLoginSuccessLocation and
-     AuthFormLogoutLocation directives.
-     trunk patch: http://svn.apache.org/viewvc?rev=1388648&view=rev
-                  http://svn.apache.org/viewvc?rev=1418721&view=rev
-     2.4.x patch: trunk patches work (minus next-number, CHANGES)
-     +1: minfrin, sf, rjung
-     rjung: please add compatibility note to docs about expr only supported
-            since 2.4.4.
-
    * mod_proxy_balancer: Bring XML output up to date.
      http://svn.apache.org/viewvc?view=revision&revision=1392345
      http://svn.apache.org/viewvc?view=revision&revision=1392346
index 23966b8b07c41a3a5989142943af3c44a9c679f5..65aeaae914558c7cd8a855c75df4844b97c88e1a 100644 (file)
@@ -552,13 +552,15 @@ lower level modules</description>
 <default>none</default>
 <contextlist><context>directory</context>
 </contextlist>
-<compatibility>Available in Apache HTTP Server 2.3.0 and later</compatibility>
+<compatibility>Available in Apache HTTP Server 2.3.0 and later. The use of the expression
+parser hass been added in 2.4.4.</compatibility>
 
 <usage>
     <p>The <directive module="mod_auth_form">AuthFormLoginRequiredLocation</directive> directive
-    specifies the URL to redirect to should the user not be authorised to view a page. By default,
-    if a user is not authorised to view a page, the HTTP response code <code>HTTP_UNAUTHORIZED</code>
-    will be returned with the page specified by the
+    specifies the URL to redirect to should the user not be authorised to view a page. The value
+    is parsed using the <a href="../expr.html">ap_expr</a> parser before being sent to the client.
+    By default, if a user is not authorised to view a page, the HTTP response code
+    <code>HTTP_UNAUTHORIZED</code> will be returned with the page specified by the
     <directive module="core">ErrorDocument</directive> directive. This directive overrides this
     default.</p>
 
@@ -574,13 +576,15 @@ lower level modules</description>
 <default>none</default>
 <contextlist><context>directory</context>
 </contextlist>
-<compatibility>Available in Apache HTTP Server 2.3.0 and later</compatibility>
+<compatibility>Available in Apache HTTP Server 2.3.0 and later. The use of the expression
+parser hass been added in 2.4.4.</compatibility>
 
 <usage>
     <p>The <directive module="mod_auth_form">AuthFormLoginSuccessLocation</directive> directive
-    specifies the URL to redirect to should the user have logged in successfully. This directive
-    can be overridden if a form field has been defined containing another URL using the
-    <directive module="mod_auth_form">AuthFormLocation</directive> directive.</p>
+    specifies the URL to redirect to should the user have logged in successfully. The value is
+    parsed using the <a href="../expr.html">ap_expr</a> parser before being sent to the client.
+    This directive can be overridden if a form field has been defined containing another URL
+    using the <directive module="mod_auth_form">AuthFormLocation</directive> directive.</p>
 
     <p>Use this directive if you have a dedicated login URL, and you have not embedded the
     destination page in the login form.</p>
@@ -614,11 +618,14 @@ lower level modules</description>
 <default>none</default>
 <contextlist><context>directory</context>
 </contextlist>
-<compatibility>Available in Apache HTTP Server 2.3.0 and later</compatibility>
+<compatibility>Available in Apache HTTP Server 2.3.0 and later. The use of the expression
+parser hass been added in 2.4.4.</compatibility>
 
 <usage>
     <p>The <directive module="mod_auth_form">AuthFormLogoutLocation</directive> directive
-    specifies the URL of a page on the server to redirect to should the user attempt to log out.</p>
+    specifies the URL of a page on the server to redirect to should the user attempt to log
+    out. The value is parsed using the <a href="../expr.html">ap_expr</a> parser before
+    being sent to the client.</p>
 
     <p>When a URI is accessed that is served by the handler <code>form-logout-handler</code>,
     the page specified by this directive will be shown to the end user. For example:</p>
index 9cdaed0fbfb202f3c132e22e90af25cba567e3f3..7c305f150b99b9606f7736e0c37db59921478d8e 100644 (file)
@@ -30,6 +30,7 @@
 #include "http_request.h"
 #include "ap_provider.h"
 #include "util_md5.h"
+#include "ap_expr.h"
 
 #include "mod_auth.h"
 #include "mod_session.h"
@@ -73,11 +74,11 @@ typedef struct {
     int body_set;
     int disable_no_store;
     int disable_no_store_set;
-    const char *loginsuccess;
+    ap_expr_info_t *loginsuccess;
     int loginsuccess_set;
-    const char *loginrequired;
+    ap_expr_info_t *loginrequired;
     int loginrequired_set;
-    const char *logout;
+    ap_expr_info_t *logout;
     int logout_set;
 } auth_form_config_rec;
 
@@ -289,24 +290,51 @@ static const char *set_cookie_form_size(cmd_parms * cmd, void *config,
 static const char *set_login_required_location(cmd_parms * cmd, void *config, const char *loginrequired)
 {
     auth_form_config_rec *conf = (auth_form_config_rec *) config;
-    conf->loginrequired = loginrequired;
+    const char *err;
+
+    conf->loginrequired = ap_expr_parse_cmd(cmd, loginrequired, AP_EXPR_FLAG_STRING_RESULT,
+                                        &err, NULL);
+    if (err) {
+        return apr_psprintf(cmd->pool,
+                            "Could not parse login required expression '%s': %s",
+                            loginrequired, err);
+    }
     conf->loginrequired_set = 1;
+
     return NULL;
 }
 
 static const char *set_login_success_location(cmd_parms * cmd, void *config, const char *loginsuccess)
 {
     auth_form_config_rec *conf = (auth_form_config_rec *) config;
-    conf->loginsuccess = loginsuccess;
+    const char *err;
+
+    conf->loginsuccess = ap_expr_parse_cmd(cmd, loginsuccess, AP_EXPR_FLAG_STRING_RESULT,
+                                        &err, NULL);
+    if (err) {
+        return apr_psprintf(cmd->pool,
+                            "Could not parse login success expression '%s': %s",
+                            loginsuccess, err);
+    }
     conf->loginsuccess_set = 1;
+
     return NULL;
 }
 
 static const char *set_logout_location(cmd_parms * cmd, void *config, const char *logout)
 {
     auth_form_config_rec *conf = (auth_form_config_rec *) config;
-    conf->logout = logout;
+    const char *err;
+
+    conf->logout = ap_expr_parse_cmd(cmd, logout, AP_EXPR_FLAG_STRING_RESULT,
+                                        &err, NULL);
+    if (err) {
+        return apr_psprintf(cmd->pool,
+                            "Could not parse logout required expression '%s': %s",
+                            logout, err);
+    }
     conf->logout_set = 1;
+
     return NULL;
 }
 
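Review bot: The message built in set_logout_location says "logout required expression", which names neither the directive it reports on (AuthFormLogoutLocation) nor matches the runtime log text "Can't evaluate logout expression"; it reads as a copy of the login-required message, so change it to `"Could not parse logout expression '%s': %s",`. The three setters are otherwise identical apart from the target field and wording, so the parse-and-report step could live in one static helper, which also keeps the three messages consistent; a sketch follows, with the other two setters calling it with "login required" and "login success". All three setters are fully inside the hunk.
```c
/* Parse a location directive value as a string-result expression.
 * Returns NULL on success, or an error message from cmd->pool. */
static const char *parse_location_expr(cmd_parms * cmd, const char *value,
                                       const char *what, ap_expr_info_t **out)
{
    const char *err;

    *out = ap_expr_parse_cmd(cmd, value, AP_EXPR_FLAG_STRING_RESULT, &err, NULL);
    if (err) {
        return apr_psprintf(cmd->pool, "Could not parse %s expression '%s': %s",
                            what, value, err);
    }
    return NULL;
}

/* … unchanged: set_login_required_location, set_login_success_location (same shape) … */

static const char *set_logout_location(cmd_parms * cmd, void *config, const char *logout)
{
    auth_form_config_rec *conf = (auth_form_config_rec *) config;
    const char *err = parse_location_expr(cmd, logout, "logout", &conf->logout);

    if (err) {
        return err;
    }
    conf->logout_set = 1;
    return NULL;
}
```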
@@ -851,6 +879,7 @@ static int authenticate_form_authn(request_rec * r)
     const char *sent_user = NULL, *sent_pw = NULL, *sent_hash = NULL;
     const char *sent_loc = NULL, *sent_method = "GET", *sent_mimetype = NULL;
     const char *current_auth = NULL;
+    const char *err;
     apr_status_t res;
     int rv = HTTP_UNAUTHORIZED;
 
@@ -1001,8 +1030,17 @@ static int authenticate_form_authn(request_rec * r)
                     return HTTP_MOVED_TEMPORARILY;
                 }
                 if (conf->loginsuccess) {
-                    apr_table_set(r->headers_out, "Location", conf->loginsuccess);
-                    return HTTP_MOVED_TEMPORARILY;
+                    const char *loginsuccess = ap_expr_str_exec(r,
+                            conf->loginsuccess, &err);
+                    if (!err) {
+                        apr_table_set(r->headers_out, "Location", loginsuccess);
+                        return HTTP_MOVED_TEMPORARILY;
+                    }
+                    else {
+                        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02339)
+                                      "Can't evaluate login success expression: %s", err);
+                        return HTTP_INTERNAL_SERVER_ERROR;
+                    }
                 }
             }
         }
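Review bot: The `else` following an unconditional `return HTTP_MOVED_TEMPORARILY;` is redundant; checking the failure case first (`if (err) { ap_log_rerror(...); return HTTP_INTERNAL_SERVER_ERROR; }`) and then setting Location matches the early-return style of the surrounding handler. The same evaluate/log/redirect sequence is repeated in the loginrequired branch of authenticate_form_authn, twice in authenticate_form_login_handler and once in authenticate_form_logout_handler, differing only in status code, log text and (logout only) apr_table_addn versus apr_table_set; a small helper would remove the duplication, sketched below, though it would collapse the five APLOGNO tags into one and would need a flag if the addn/set difference is intentional. Since the Location value is now an evaluated expression rather than a fixed string, a comment at this first use such as `/* loginsuccess is an ap_expr; if it references request-supplied variables the redirect target is partly client-influenced */` would help anyone auditing a configuration. Whether ap_expr_str_exec can yield NULL or "" without setting err is not visible here, so an empty-result guard before the header set may be warranted. authenticate_form_authn starts and ends outside this hunk.
```c
/* Evaluate a location expression and redirect to it with the given status.
 * On evaluation failure, log it and return HTTP_INTERNAL_SERVER_ERROR. */
static int redirect_to_expr(request_rec * r, const ap_expr_info_t *expr,
                            const char *what, int status)
{
    const char *err;
    const char *location = ap_expr_str_exec(r, expr, &err);

    if (err) {
        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02339)
                      "Can't evaluate %s expression: %s", what, err);
        return HTTP_INTERNAL_SERVER_ERROR;
    }
    apr_table_set(r->headers_out, "Location", location);
    return status;
}

/* … unchanged: earlier part of authenticate_form_authn … */
                if (conf->loginsuccess) {
                    return redirect_to_expr(r, conf->loginsuccess, "login success",
                                            HTTP_MOVED_TEMPORARILY);
                }
```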
@@ -1014,8 +1052,17 @@ static int authenticate_form_authn(request_rec * r)
      * instead?
      */
     if (HTTP_UNAUTHORIZED == rv && conf->loginrequired) {
-        apr_table_set(r->headers_out, "Location", conf->loginrequired);
-        return HTTP_MOVED_TEMPORARILY;
+        const char *loginrequired = ap_expr_str_exec(r,
+                conf->loginrequired, &err);
+        if (!err) {
+            apr_table_set(r->headers_out, "Location", loginrequired);
+            return HTTP_MOVED_TEMPORARILY;
+        }
+        else {
+            ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02340)
+                          "Can't evaluate login required expression: %s", err);
+            return HTTP_INTERNAL_SERVER_ERROR;
+        }
     }
 
     /* did the user ask to be redirected on login success? */
@@ -1059,6 +1106,7 @@ static int authenticate_form_authn(request_rec * r)
 static int authenticate_form_login_handler(request_rec * r)
 {
     auth_form_config_rec *conf;
+    const char *err;
 
     const char *sent_user = NULL, *sent_pw = NULL, *sent_loc = NULL;
     int rv;
@@ -1089,8 +1137,17 @@ static int authenticate_form_login_handler(request_rec * r)
                 return HTTP_MOVED_TEMPORARILY;
             }
             if (conf->loginsuccess) {
-                apr_table_set(r->headers_out, "Location", conf->loginsuccess);
-                return HTTP_MOVED_TEMPORARILY;
+                const char *loginsuccess = ap_expr_str_exec(r,
+                        conf->loginsuccess, &err);
+                if (!err) {
+                    apr_table_set(r->headers_out, "Location", loginsuccess);
+                    return HTTP_MOVED_TEMPORARILY;
+                }
+                else {
+                    ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02341)
+                                  "Can't evaluate login success expression: %s", err);
+                    return HTTP_INTERNAL_SERVER_ERROR;
+                }
             }
             return HTTP_OK;
         }
@@ -1098,8 +1155,17 @@ static int authenticate_form_login_handler(request_rec * r)
 
     /* did we prefer to be redirected to the login page on failure instead? */
     if (HTTP_UNAUTHORIZED == rv && conf->loginrequired) {
-        apr_table_set(r->headers_out, "Location", conf->loginrequired);
-        return HTTP_MOVED_TEMPORARILY;
+        const char *loginrequired = ap_expr_str_exec(r,
+                conf->loginrequired, &err);
+        if (!err) {
+            apr_table_set(r->headers_out, "Location", loginrequired);
+            return HTTP_MOVED_TEMPORARILY;
+        }
+        else {
+            ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02342)
+                          "Can't evaluate login required expression: %s", err);
+            return HTTP_INTERNAL_SERVER_ERROR;
+        }
     }
 
     return rv;
@@ -1120,6 +1186,7 @@ static int authenticate_form_login_handler(request_rec * r)
 static int authenticate_form_logout_handler(request_rec * r)
 {
     auth_form_config_rec *conf;
+    const char *err;
 
     if (strcmp(r->handler, FORM_LOGOUT_HANDLER)) {
         return DECLINED;
@@ -1139,8 +1206,17 @@ static int authenticate_form_logout_handler(request_rec * r)
 
     /* if set, internal redirect to the logout page */
     if (conf->logout) {
-        apr_table_addn(r->headers_out, "Location", conf->logout);
-        return HTTP_TEMPORARY_REDIRECT;
+        const char *logout = ap_expr_str_exec(r,
+                conf->logout, &err);
+        if (!err) {
+            apr_table_addn(r->headers_out, "Location", logout);
+            return HTTP_TEMPORARY_REDIRECT;
+        }
+        else {
+            ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02343)
+                          "Can't evaluate logout expression: %s", err);
+            return HTTP_INTERNAL_SERVER_ERROR;
+        }
     }
 
     return HTTP_OK;