From: Graham Leggett Date: Wed, 9 Apr 2008 12:39:33 +0000 (+0000) Subject: Change the directives within the mod_session* modules to be valid X-Git-Tag: 2.3.0~744 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6919d5d26167aa2cc2ecb4cd043ce37371368367;p=apache Change the directives within the mod_session* modules to be valid both inside and outside the location/directory sections, as suggested by wrowe. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@646304 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 86700ea5fe..28d019d931 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,10 @@ Changes with Apache 2.3.0 [ When backported to 2.2.x, remove entry from this file ] + *) Change the directives within the mod_session* modules to be valid + both inside and outside the location/directory sections, as + suggested by wrowe. [Graham Leggett] + *) mod_auth_form: Add a module capable of allowing end users to log in using an HTML form, storing the credentials within mod_session. [Graham Leggett] diff --git a/docs/manual/mod/mod_session.xml b/docs/manual/mod/mod_session.xml index 205b95ce3b..0567c2ae63 100644 --- a/docs/manual/mod/mod_session.xml +++ b/docs/manual/mod/mod_session.xml @@ -256,7 +256,10 @@ Enables a session for the current directory or location Session On|Off Session Off -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -272,7 +275,10 @@ Define a maximum age in seconds for a session SessionMaxAge maxage SessionMaxAge 0 -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -295,7 +301,10 @@ HTTP_SESSION environment variable SessionEnv On|Off SessionEnv Off -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -318,7 +327,10 @@ Import session updates from a given HTTP response header SessionHeader header none -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -344,7 +356,10 @@ Define URL prefixes for which a session is valid SessionInclude path all URLs -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -368,7 +383,10 @@ Define URL prefixes for which a session is ignored SessionExclude path none -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later diff --git a/docs/manual/mod/mod_session_cookie.xml b/docs/manual/mod/mod_session_cookie.xml index b896f99ca3..3abcdebde2 100644 --- a/docs/manual/mod/mod_session_cookie.xml +++ b/docs/manual/mod/mod_session_cookie.xml @@ -81,7 +81,10 @@ Name and attributes for the RFC2109 cookie storing the session SessionCookieName name attributes none -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -109,7 +112,10 @@ Name and attributes for the RFC2965 cookie storing the session SessionCookieName2 name attributes none -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -137,7 +143,10 @@ Control for whether session cookies should be removed from incoming HTTP headers SessionCookieRemove On|Off SessionCookieRemove Off -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later diff --git a/docs/manual/mod/mod_session_crypto.xml b/docs/manual/mod/mod_session_crypto.xml index eea4c21b6a..d6437e9f2e 100644 --- a/docs/manual/mod/mod_session_crypto.xml +++ b/docs/manual/mod/mod_session_crypto.xml @@ -81,7 +81,10 @@ The key used to encrypt the session SessionCryptoPassphrase secret none -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -106,7 +109,10 @@ The certificate used to encrypt and decrypt the session SessionCryptoCertificateFile file none -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -136,7 +142,10 @@ The certificate key used to encrypt and decrypt the session SessionCryptoCertificateKeyFile file none -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -167,7 +176,10 @@ The name of the cipher to use during encryption / decryption SessionCryptoCipher cipher AES256 -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -183,7 +195,10 @@ The name of the digest to use during encryption / decryption SessionCryptoDigest cipher SHA -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -199,7 +214,10 @@ The name of the engine to use during encryption / decryption SessionCryptoEngine engine none -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later diff --git a/docs/manual/mod/mod_session_dbd.xml b/docs/manual/mod/mod_session_dbd.xml index 3350c1d174..c8be1dd85d 100644 --- a/docs/manual/mod/mod_session_dbd.xml +++ b/docs/manual/mod/mod_session_dbd.xml @@ -148,7 +148,10 @@ Name and attributes for the RFC2109 cookie storing the session ID SessionDBDCookieName name attributes none -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -176,7 +179,10 @@ Name and attributes for the RFC2965 cookie storing the session ID SessionDBDCookieName2 name attributes none -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -204,7 +210,10 @@ Control for whether session ID cookies should be removed from incoming HTTP headers SessionDBDCookieRemove On|Off SessionDBDCookieRemove On -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -225,7 +234,10 @@ Enable a per user session SessionDBDPerUser On|Off SessionDBDPerUser Off -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -242,7 +254,10 @@ The SQL query to use to select sessions from the database SessionDBDSelectLabel label SessionDBDSelectLabel selectsession -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -259,7 +274,10 @@ The SQL query to use to insert sessions into the database SessionDBDInsertLabel label SessionDBDInsertLabel insertsession -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -279,7 +297,10 @@ The SQL query to use to update existing sessions in the database SessionDBDUpdateLabel label SessionDBDUpdateLabel updatesession -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later @@ -300,7 +321,10 @@ The SQL query to use to remove sessions from the database SessionDBDDeleteLabel label SessionDBDDeleteLabel deletesession -directory +server config +virtual host +directory +.htaccess Available in Apache 2.3.0 and later diff --git a/modules/session/mod_session.c b/modules/session/mod_session.c index 9ff7362d36..7b49880909 100644 --- a/modules/session/mod_session.c +++ b/modules/session/mod_session.c @@ -582,17 +582,17 @@ static const char *add_session_exclude(cmd_parms * cmd, void *dconf, const char static const command_rec session_cmds[] = { - AP_INIT_FLAG("Session", set_session_enable, NULL, OR_AUTHCFG, + AP_INIT_FLAG("Session", set_session_enable, NULL, RSRC_CONF|OR_AUTHCFG, "on if a session should be maintained for these URLs"), - AP_INIT_TAKE1("SessionMaxAge", set_session_maxage, NULL, OR_AUTHCFG, + AP_INIT_TAKE1("SessionMaxAge", set_session_maxage, NULL, RSRC_CONF|OR_AUTHCFG, "length of time for which a session should be valid. Zero to disable"), - AP_INIT_TAKE1("SessionHeader", set_session_header, NULL, OR_AUTHCFG, + AP_INIT_TAKE1("SessionHeader", set_session_header, NULL, RSRC_CONF|OR_AUTHCFG, "output header, if present, whose contents will be injected into the session."), - AP_INIT_FLAG("SessionEnv", set_session_env, NULL, OR_AUTHCFG, + AP_INIT_FLAG("SessionEnv", set_session_env, NULL, RSRC_CONF|OR_AUTHCFG, "on if a session should be written to the CGI environment. Defaults to off"), - AP_INIT_TAKE1("SessionInclude", add_session_include, NULL, OR_AUTHCFG, + AP_INIT_TAKE1("SessionInclude", add_session_include, NULL, RSRC_CONF|OR_AUTHCFG, "URL prefixes to include in the session. Defaults to all URLs"), - AP_INIT_TAKE1("SessionExclude", add_session_exclude, NULL, OR_AUTHCFG, + AP_INIT_TAKE1("SessionExclude", add_session_exclude, NULL, RSRC_CONF|OR_AUTHCFG, "URL prefixes to exclude from the session. Defaults to no URLs"), {NULL} }; diff --git a/modules/session/mod_session_cookie.c b/modules/session/mod_session_cookie.c index caaa3d19dd..0eb0e597d4 100644 --- a/modules/session/mod_session_cookie.c +++ b/modules/session/mod_session_cookie.c @@ -241,11 +241,11 @@ static const char * static const command_rec session_cookie_cmds[] = { - AP_INIT_RAW_ARGS("SessionCookieName", set_cookie_name, NULL, OR_AUTHCFG, + AP_INIT_RAW_ARGS("SessionCookieName", set_cookie_name, NULL, RSRC_CONF|OR_AUTHCFG, "The name of the RFC2109 cookie carrying the session"), - AP_INIT_RAW_ARGS("SessionCookieName2", set_cookie_name2, NULL, OR_AUTHCFG, + AP_INIT_RAW_ARGS("SessionCookieName2", set_cookie_name2, NULL, RSRC_CONF|OR_AUTHCFG, "The name of the RFC2965 cookie carrying the session"), - AP_INIT_FLAG("SessionCookieRemove", set_remove, NULL, OR_AUTHCFG, + AP_INIT_FLAG("SessionCookieRemove", set_remove, NULL, RSRC_CONF|OR_AUTHCFG, "Set to 'On' to remove the session cookie from the headers " "and hide the cookie from a backend server or process"), {NULL} diff --git a/modules/session/mod_session_dbd.c b/modules/session/mod_session_dbd.c index 520ecccb06..87693b0072 100644 --- a/modules/session/mod_session_dbd.c +++ b/modules/session/mod_session_dbd.c @@ -591,24 +591,24 @@ static const char *set_cookie_name2(cmd_parms * cmd, void *config, const char *a static const command_rec session_dbd_cmds[] = { AP_INIT_TAKE1("SessionDBDSelectLabel", ap_set_string_slot, - (void *) APR_OFFSETOF(session_dbd_dir_conf, selectlabel), OR_AUTHCFG, + (void *) APR_OFFSETOF(session_dbd_dir_conf, selectlabel), RSRC_CONF|OR_AUTHCFG, "Query label used to select a new session"), AP_INIT_TAKE1("SessionDBDInsertLabel", ap_set_string_slot, - (void *) APR_OFFSETOF(session_dbd_dir_conf, insertlabel), OR_AUTHCFG, + (void *) APR_OFFSETOF(session_dbd_dir_conf, insertlabel), RSRC_CONF|OR_AUTHCFG, "Query label used to insert a new session"), AP_INIT_TAKE1("SessionDBDUpdateLabel", ap_set_string_slot, - (void *) APR_OFFSETOF(session_dbd_dir_conf, updatelabel), OR_AUTHCFG, + (void *) APR_OFFSETOF(session_dbd_dir_conf, updatelabel), RSRC_CONF|OR_AUTHCFG, "Query label used to update an existing session"), AP_INIT_TAKE1("SessionDBDDeleteLabel", ap_set_string_slot, - (void *) APR_OFFSETOF(session_dbd_dir_conf, deletelabel), OR_AUTHCFG, + (void *) APR_OFFSETOF(session_dbd_dir_conf, deletelabel), RSRC_CONF|OR_AUTHCFG, "Query label used to delete an existing session"), - AP_INIT_FLAG("SessionDBDPerUser", set_dbd_peruser, NULL, OR_AUTHCFG, + AP_INIT_FLAG("SessionDBDPerUser", set_dbd_peruser, NULL, RSRC_CONF|OR_AUTHCFG, "Save the session per user"), AP_INIT_FLAG("SessionDBDCookieRemove", set_dbd_cookie_remove, NULL, RSRC_CONF|OR_AUTHCFG, "Remove the session cookie after session load. On by default."), - AP_INIT_RAW_ARGS("SessionDBDCookieName", set_cookie_name, NULL, OR_AUTHCFG, + AP_INIT_RAW_ARGS("SessionDBDCookieName", set_cookie_name, NULL, RSRC_CONF|OR_AUTHCFG, "The name of the RFC2109 cookie carrying the session key"), - AP_INIT_RAW_ARGS("SessionDBDCookieName2", set_cookie_name2, NULL, OR_AUTHCFG, + AP_INIT_RAW_ARGS("SessionDBDCookieName2", set_cookie_name2, NULL, RSRC_CONF|OR_AUTHCFG, "The name of the RFC2965 cookie carrying the session key"), {NULL} };