From: Graham Leggett <minfrin@apache.org>
Date: Sat, 30 Aug 2008 11:11:21 +0000 (+0000)
Subject: mod_auth_form: Make sure the logged in user is populated correctly
X-Git-Tag: 2.3.0~329
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0529fe2737e57a2f788e3edb992b3c792125614b;p=apache

mod_auth_form: Make sure the logged in user is populated correctly
after a form login. Fixes a missing REMOTE_USER variable directly
following a login.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@690493 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index e9f636bb21..ccbecc42df 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,10 @@
 Changes with Apache 2.3.0
 [ When backported to 2.2.x, remove entry from this file ]
 
+  *) mod_auth_form: Make sure the logged in user is populated correctly
+     after a form login. Fixes a missing REMOTE_USER variable directly
+     following a login. [Graham Leggett]
+
   *) mod_session_cookie: Make sure that cookie attributes are correctly
      included in the blank cookie when cookies are removed. This fixes an
      inability to log out when using mod_auth_form. [Graham Leggett]
diff --git a/modules/aaa/mod_auth_form.c b/modules/aaa/mod_auth_form.c
index 1d34f15461..61bae23939 100644
--- a/modules/aaa/mod_auth_form.c
+++ b/modules/aaa/mod_auth_form.c
@@ -941,6 +941,11 @@ static int authenticate_form_authn(request_rec * r)
                            &sent_user, &sent_pw, &sent_loc, &sent_method,
                            &sent_mimetype, &sent_body, conf);
 
+        /* make sure any user detected within the subrequest is saved back to
+         * the main request.
+         */
+        r->user = rr->user;
+
         /* insert the kept_body filter on the main request to guarantee the
          * input filter stack cannot be read a second time, optionally inject
          * a saved body if one was specified in the login form.