From: Graham Leggett <minfrin@apache.org>
Date: Sat, 30 Aug 2008 13:48:47 +0000 (+0000)
Subject: mod_auth_form: Make sure that basic authentication is correctly
X-Git-Tag: 2.3.0~326
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=84e0e4f48dce3479d68156c4d131a31357d2c905;p=apache

mod_auth_form: Make sure that basic authentication is correctly
faked directly after login.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@690506 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 0bd0753f2a..845b2244d7 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,9 @@
 Changes with Apache 2.3.0
 [ When backported to 2.2.x, remove entry from this file ]
 
+  *) mod_auth_form: Make sure that basic authentication is correctly
+     faked directly after login. [Graham Leggett]
+
   *) mod_session_cookie, mod_session_dbd: Make sure cookies are set both
      within the output headers and error output headers, so that the
      session is maintained across redirects. [Graham Leggett]
diff --git a/modules/aaa/mod_auth_form.c b/modules/aaa/mod_auth_form.c
index fd981cfe72..dfbb30d2ea 100644
--- a/modules/aaa/mod_auth_form.c
+++ b/modules/aaa/mod_auth_form.c
@@ -972,6 +972,7 @@ static int authenticate_form_authn(request_rec * r)
         if (OK == rv) {
             rv = check_authn(r, sent_user, sent_pw);
             if (OK == rv) {
+                fake_basic_authentication(r, conf, sent_user, sent_pw);
                 set_session_auth(r, sent_user, sent_pw, conf->site);
                 if (sent_loc) {
                     apr_table_set(r->headers_out, "Location", sent_loc);