From: Nick Kew Date: Sat, 8 Oct 2011 14:51:35 +0000 (+0000) Subject: mod_authn_socache: fix it to enable initialisation to work if configured X-Git-Tag: 2.3.15~156 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=7b2819356a41b9dfaf0dfc436cd827694e069c3f;p=apache mod_authn_socache: fix it to enable initialisation to work if configured only in .htaccess context, and provide a toggle for that. PR 51991 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1180384 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index f1a39afc6e..e74f609594 100644 --- a/CHANGES +++ b/CHANGES @@ -137,6 +137,10 @@ Changes with Apache 2.3.15 *) mod_deflate: Fix endless loop if first bucket is metadata. PR 51590. [Torsten Foertsch ] + *) mod_authn_socache: Fix to work in .htaccess if not configured anywhere + in httpd.conf, and introduce an AuthnCacheEnable directive. + PR 51991 [Nick Kew] + Changes with Apache 2.3.14 *) mod_proxy_ajp: Improve trace logging. [Rainer Jung] diff --git a/docs/manual/mod/mod_authn_socache.xml b/docs/manual/mod/mod_authn_socache.xml index 7a1816ab26..c9617a7366 100644 --- a/docs/manual/mod/mod_authn_socache.xml +++ b/docs/manual/mod/mod_authn_socache.xml @@ -93,6 +93,23 @@ the load on backends >r957072, in which three authn providers are enabled for cacheing.

+ +AuthnCacheEnable +Enable Authn caching configured anywhere +AuthnCacheEnable +server config +None + + +

This directive is not normally necessary: it is implied if + authentication cacheing is enabled anywhere in httpd.conf. + However, if it is not enabled anywhere in httpd.conf + it will by default not be initialised, and is therefore not + available in a .htaccess context. This directive + ensures it is initialised so it can be used in .htaccess.

+ + + AuthnCacheSOCache Select socache backend provider to use diff --git a/modules/aaa/mod_authn_socache.c b/modules/aaa/mod_authn_socache.c index 4ba572f9e2..60a7c7aaa3 100644 --- a/modules/aaa/mod_authn_socache.c +++ b/modules/aaa/mod_authn_socache.c @@ -151,6 +151,13 @@ static const char *authn_cache_socache(cmd_parms *cmd, void *CFG, return errmsg; } +static const char *authn_cache_enable(cmd_parms *cmd, void *CFG) +{ + const char *errmsg = ap_check_cmd_context(cmd, GLOBAL_ONLY); + configured = 1; + return errmsg; +} + static const char *const directory = "directory"; static void* authn_cache_dircfg_create(apr_pool_t *pool, char *s) { @@ -205,6 +212,8 @@ static const command_rec authn_cache_cmds[] = /* global stuff: cache and mutex */ AP_INIT_TAKE1("AuthnCacheSOCache", authn_cache_socache, NULL, RSRC_CONF, "socache provider for authn cache"), + AP_INIT_NO_ARGS("AuthnCacheEnable", authn_cache_enable, NULL, RSRC_CONF, + "enable socache configuration in htaccess even if not enabled anywhere else"), /* per-dir stuff */ AP_INIT_ITERATE("AuthnCacheProvideFor", authn_cache_setprovider, NULL, OR_AUTHCFG, "Determine what authn providers to cache for"), @@ -250,7 +259,7 @@ static void ap_authn_cache_store(request_rec *r, const char *module, /* first check whether we're cacheing for this module */ dcfg = ap_get_module_config(r->per_dir_config, &authn_socache_module); - if (!dcfg->providers) { + if (!configured || !dcfg->providers) { return; } for (i = 0; i < dcfg->providers->nelts; ++i) { @@ -327,7 +336,7 @@ static authn_status check_password(request_rec *r, const char *user, unsigned char val[MAX_VAL_LEN]; unsigned int vallen = MAX_VAL_LEN - 1; dcfg = ap_get_module_config(r->per_dir_config, &authn_socache_module); - if (!dcfg->providers) { + if (!configured || !dcfg->providers) { return AUTH_USER_NOT_FOUND; } key = construct_key(r, dcfg->context, user, NULL); @@ -372,7 +381,7 @@ static authn_status get_realm_hash(request_rec *r, const char *user, unsigned char val[MAX_VAL_LEN]; unsigned int vallen = MAX_VAL_LEN - 1; dcfg = ap_get_module_config(r->per_dir_config, &authn_socache_module); - if (!dcfg->providers) { + if (!configured || !dcfg->providers) { return AUTH_USER_NOT_FOUND; } key = construct_key(r, dcfg->context, user, realm);