1 | /* mod_auth_optional |
---|
2 | * version 1.0, released 2007-09-01 |
---|
3 | * Anders Kaseorg <andersk@mit.edu> |
---|
4 | * |
---|
5 | * This module can pretend that authentication succeeded even if no |
---|
6 | * authorization module is authoritative, instead of returning a |
---|
7 | * Forbidden error. |
---|
8 | */ |
---|
9 | |
---|
10 | #include "ap_config.h" |
---|
11 | #include "httpd.h" |
---|
12 | #include "http_config.h" |
---|
13 | #include "http_request.h" |
---|
14 | |
---|
15 | typedef struct { |
---|
16 | int optional; |
---|
17 | char *default_user; |
---|
18 | } auth_optional_config_rec; |
---|
19 | |
---|
20 | static void *create_auth_optional_dir_config(apr_pool_t *p, char *d) |
---|
21 | { |
---|
22 | auth_optional_config_rec *conf = apr_pcalloc(p, sizeof(*conf)); |
---|
23 | conf->optional = 0; |
---|
24 | conf->default_user = NULL; |
---|
25 | return conf; |
---|
26 | } |
---|
27 | |
---|
28 | static const command_rec auth_optional_cmds[] = |
---|
29 | { |
---|
30 | AP_INIT_FLAG("AuthOptional", ap_set_flag_slot, |
---|
31 | (void *)APR_OFFSETOF(auth_optional_config_rec, optional), |
---|
32 | OR_AUTHCFG, |
---|
33 | "Make authentication succeed if no authorization module is authoritative"), |
---|
34 | AP_INIT_TAKE1("AuthOptionalDefaultUser", ap_set_string_slot, |
---|
35 | (void*)APR_OFFSETOF(auth_optional_config_rec, default_user), |
---|
36 | OR_AUTHCFG, |
---|
37 | "Default username to use if no authorization module is authoritative"), |
---|
38 | {NULL} |
---|
39 | }; |
---|
40 | |
---|
41 | module AP_MODULE_DECLARE_DATA auth_optional_module; |
---|
42 | |
---|
43 | static int auth_optional_check_user_id(request_rec *r) |
---|
44 | { |
---|
45 | auth_optional_config_rec *conf = ap_get_module_config(r->per_dir_config, |
---|
46 | &auth_optional_module); |
---|
47 | if (!conf->optional) |
---|
48 | return DECLINED; |
---|
49 | |
---|
50 | r->user = conf->default_user; |
---|
51 | return OK; |
---|
52 | } |
---|
53 | |
---|
54 | static int auth_optional_auth_checker(request_rec *r) |
---|
55 | { |
---|
56 | auth_optional_config_rec *conf = ap_get_module_config(r->per_dir_config, |
---|
57 | &auth_optional_module); |
---|
58 | if (!conf->optional || conf->default_user != NULL) |
---|
59 | return DECLINED; |
---|
60 | |
---|
61 | return OK; |
---|
62 | } |
---|
63 | |
---|
64 | static void register_hooks(apr_pool_t *p) |
---|
65 | { |
---|
66 | /* Right before mod_authz_default. */ |
---|
67 | ap_hook_check_user_id(auth_optional_check_user_id, NULL, NULL, APR_HOOK_LAST - 1); |
---|
68 | ap_hook_auth_checker(auth_optional_auth_checker, NULL, NULL, APR_HOOK_REALLY_FIRST); |
---|
69 | } |
---|
70 | |
---|
71 | module AP_MODULE_DECLARE_DATA auth_optional_module = |
---|
72 | { |
---|
73 | STANDARD20_MODULE_STUFF, |
---|
74 | create_auth_optional_dir_config, /* dir config creater */ |
---|
75 | NULL, /* dir merger --- default is to override */ |
---|
76 | NULL, /* server config */ |
---|
77 | NULL, /* merge server config */ |
---|
78 | auth_optional_cmds, /* command apr_table_t */ |
---|
79 | register_hooks /* register hooks */ |
---|
80 | }; |
---|