1
/* Licensed to the Apache Software Foundation (ASF) under one or more
2
* contributor license agreements. See the NOTICE file distributed with
3
* this work for additional information regarding copyright ownership.
4
* The ASF licenses this file to You under the Apache License, Version 2.0
5
* (the "License"); you may not use this file except in compliance with
6
* the License. You may obtain a copy of the License at
8
* http://www.apache.org/licenses/LICENSE-2.0
10
* Unless required by applicable law or agreed to in writing, software
11
* distributed under the License is distributed on an "AS IS" BASIS,
12
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
* See the License for the specific language governing permissions and
14
* limitations under the License.
17
#include "apr_strings.h"
18
#define APR_WANT_STRFUNC /* for strcasecmp */
22
#include "ap_config.h"
24
#include "http_config.h"
25
#include "http_core.h"
26
#include "http_request.h"
27
#include "ap_provider.h"
31
typedef struct provider_alias_rec {
34
ap_conf_vector_t *sec_auth;
35
const authn_provider *provider;
38
typedef struct authn_alias_srv_conf {
39
apr_hash_t *alias_rec;
40
} authn_alias_srv_conf;
42
module AP_MODULE_DECLARE_DATA authn_alias_module;
44
static authn_status authn_alias_check_password(request_rec *r, const char *user,
47
/* Look up the provider alias in the alias list */
48
/* Get the the dir_config and call ap_Merge_per_dir_configs() */
49
/* Call the real provider->check_password() function */
50
/* return the result of the above function call */
52
const char *provider_name = apr_table_get(r->notes, AUTHN_PROVIDER_NAME_NOTE);
53
authn_status ret = AUTH_USER_NOT_FOUND;
54
authn_alias_srv_conf *authcfg =
55
(authn_alias_srv_conf *)ap_get_module_config(r->server->module_config,
59
provider_alias_rec *prvdraliasrec = apr_hash_get(authcfg->alias_rec,
60
provider_name, APR_HASH_KEY_STRING);
61
ap_conf_vector_t *orig_dir_config = r->per_dir_config;
63
/* If we found the alias provider in the list, then merge the directory
64
configurations and call the real provider */
66
r->per_dir_config = ap_merge_per_dir_configs(r->pool, orig_dir_config,
67
prvdraliasrec->sec_auth);
68
ret = prvdraliasrec->provider->check_password(r,user,password);
69
r->per_dir_config = orig_dir_config;
76
static authn_status authn_alias_get_realm_hash(request_rec *r, const char *user,
77
const char *realm, char **rethash)
79
/* Look up the provider alias in the alias list */
80
/* Get the the dir_config and call ap_Merge_per_dir_configs() */
81
/* Call the real provider->get_realm_hash() function */
82
/* return the result of the above function call */
84
const char *provider_name = apr_table_get(r->notes, AUTHN_PROVIDER_NAME_NOTE);
85
authn_status ret = AUTH_USER_NOT_FOUND;
86
authn_alias_srv_conf *authcfg =
87
(authn_alias_srv_conf *)ap_get_module_config(r->server->module_config,
91
provider_alias_rec *prvdraliasrec = apr_hash_get(authcfg->alias_rec,
92
provider_name, APR_HASH_KEY_STRING);
93
ap_conf_vector_t *orig_dir_config = r->per_dir_config;
95
/* If we found the alias provider in the list, then merge the directory
96
configurations and call the real provider */
98
r->per_dir_config = ap_merge_per_dir_configs(r->pool, orig_dir_config,
99
prvdraliasrec->sec_auth);
100
ret = prvdraliasrec->provider->get_realm_hash(r,user,realm,rethash);
101
r->per_dir_config = orig_dir_config;
108
static void *create_authn_alias_svr_config(apr_pool_t *p, server_rec *s)
111
authn_alias_srv_conf *authcfg;
113
authcfg = (authn_alias_srv_conf *) apr_pcalloc(p, sizeof(authn_alias_srv_conf));
114
authcfg->alias_rec = apr_hash_make(p);
116
return (void *) authcfg;
119
static const authn_provider authn_alias_provider =
121
&authn_alias_check_password,
122
&authn_alias_get_realm_hash,
125
static const char *authaliassection(cmd_parms *cmd, void *mconfig, const char *arg)
127
int old_overrides = cmd->override;
128
const char *endp = ap_strrchr_c(arg, '>');
130
char *provider_alias;
133
const authn_provider *provider = NULL;
134
ap_conf_vector_t *new_auth_config = ap_create_per_dir_config(cmd->pool);
135
authn_alias_srv_conf *authcfg =
136
(authn_alias_srv_conf *)ap_get_module_config(cmd->server->module_config,
137
&authn_alias_module);
139
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
145
return apr_pstrcat(cmd->pool, cmd->cmd->name,
146
"> directive missing closing '>'", NULL);
149
args = apr_pstrndup(cmd->pool, arg, endp - arg);
152
return apr_pstrcat(cmd->pool, cmd->cmd->name,
153
"> directive requires additional arguments", NULL);
156
/* Pull the real provider name and the alias name from the block header */
157
provider_name = ap_getword_conf(cmd->pool, &args);
158
provider_alias = ap_getword_conf(cmd->pool, &args);
160
if (!provider_name[0] || !provider_alias[0]) {
161
return apr_pstrcat(cmd->pool, cmd->cmd->name,
162
"> directive requires additional arguments", NULL);
165
if (strcasecmp(provider_name, provider_alias) == 0) {
166
return apr_pstrcat(cmd->pool,
167
"The alias provider name must be different from the base provider name.", NULL);
170
/* Look up the alias provider to make sure that it hasn't already been registered. */
171
provider = ap_lookup_provider(AUTHN_PROVIDER_GROUP, provider_alias, "0");
173
return apr_pstrcat(cmd->pool, "The alias provider ", provider_alias,
174
" has already be registered previously as either a base provider or an alias provider.",
178
/* walk the subsection configuration to get the per_dir config that we will
179
merge just before the real provider is called. */
180
cmd->override = OR_ALL|ACCESS_CONF;
181
errmsg = ap_walk_config(cmd->directive->first_child, cmd, new_auth_config);
184
provider_alias_rec *prvdraliasrec = apr_pcalloc(cmd->pool, sizeof(provider_alias_rec));
185
provider = ap_lookup_provider(AUTHN_PROVIDER_GROUP, provider_name, "0");
187
/* Save off the new directory config along with the original provider name
188
and function pointer data */
189
prvdraliasrec->sec_auth = new_auth_config;
190
prvdraliasrec->provider_name = provider_name;
191
prvdraliasrec->provider_alias = provider_alias;
192
prvdraliasrec->provider = provider;
193
apr_hash_set(authcfg->alias_rec, provider_alias, APR_HASH_KEY_STRING, prvdraliasrec);
195
/* Register the fake provider so that we get called first */
196
ap_register_provider(cmd->pool, AUTHN_PROVIDER_GROUP, provider_alias, "0",
197
&authn_alias_provider);
200
cmd->override = old_overrides;
205
static const command_rec authn_alias_cmds[] =
207
AP_INIT_RAW_ARGS("<AuthnProviderAlias", authaliassection, NULL, RSRC_CONF,
208
"Container for authentication directives grouped under "
214
module AP_MODULE_DECLARE_DATA authn_alias_module =
216
STANDARD20_MODULE_STUFF,
217
NULL, /* dir config creater */
218
NULL, /* dir merger --- default is to override */
219
create_authn_alias_svr_config, /* server config */
220
NULL, /* merge server config */
221
authn_alias_cmds, /* command apr_table_t */
222
NULL /* register hooks */