You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by mi...@apache.org on 2008/04/09 14:39:34 UTC
svn commit: r646304 - in /httpd/httpd/trunk: ./ docs/manual/mod/
modules/session/
Author: minfrin
Date: Wed Apr 9 05:39:33 2008
New Revision: 646304
URL: http://svn.apache.org/viewvc?rev=646304&view=rev
Log:
Change the directives within the mod_session* modules to be valid
both inside and outside the location/directory sections, as suggested
by wrowe.
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/docs/manual/mod/mod_session.xml
httpd/httpd/trunk/docs/manual/mod/mod_session_cookie.xml
httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml
httpd/httpd/trunk/docs/manual/mod/mod_session_dbd.xml
httpd/httpd/trunk/modules/session/mod_session.c
httpd/httpd/trunk/modules/session/mod_session_cookie.c
httpd/httpd/trunk/modules/session/mod_session_dbd.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=646304&r1=646303&r2=646304&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Wed Apr 9 05:39:33 2008
@@ -2,6 +2,10 @@
Changes with Apache 2.3.0
[ When backported to 2.2.x, remove entry from this file ]
+ *) Change the directives within the mod_session* modules to be valid
+ both inside and outside the location/directory sections, as
+ suggested by wrowe. [Graham Leggett]
+
*) mod_auth_form: Add a module capable of allowing end users to log
in using an HTML form, storing the credentials within mod_session.
[Graham Leggett]
Modified: httpd/httpd/trunk/docs/manual/mod/mod_session.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_session.xml?rev=646304&r1=646303&r2=646304&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_session.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_session.xml Wed Apr 9 05:39:33 2008
@@ -256,7 +256,10 @@
<description>Enables a session for the current directory or location</description>
<syntax>Session On|Off</syntax>
<default>Session Off</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -272,7 +275,10 @@
<description>Define a maximum age in seconds for a session</description>
<syntax>SessionMaxAge <var>maxage</var></syntax>
<default>SessionMaxAge 0</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -295,7 +301,10 @@
<var>HTTP_SESSION</var> environment variable</description>
<syntax>SessionEnv On|Off</syntax>
<default>SessionEnv Off</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -318,7 +327,10 @@
<description>Import session updates from a given HTTP response header</description>
<syntax>SessionHeader <var>header</var></syntax>
<default>none</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -344,7 +356,10 @@
<description>Define URL prefixes for which a session is valid</description>
<syntax>SessionInclude <var>path</var></syntax>
<default>all URLs</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -368,7 +383,10 @@
<description>Define URL prefixes for which a session is ignored</description>
<syntax>SessionExclude <var>path</var></syntax>
<default>none</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
Modified: httpd/httpd/trunk/docs/manual/mod/mod_session_cookie.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_session_cookie.xml?rev=646304&r1=646303&r2=646304&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_session_cookie.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_session_cookie.xml Wed Apr 9 05:39:33 2008
@@ -81,7 +81,10 @@
<description>Name and attributes for the RFC2109 cookie storing the session</description>
<syntax>SessionCookieName <var>name</var> <var>attributes</var></syntax>
<default>none</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -109,7 +112,10 @@
<description>Name and attributes for the RFC2965 cookie storing the session</description>
<syntax>SessionCookieName2 <var>name</var> <var>attributes</var></syntax>
<default>none</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -137,7 +143,10 @@
<description>Control for whether session cookies should be removed from incoming HTTP headers</description>
<syntax>SessionCookieRemove On|Off</syntax>
<default>SessionCookieRemove Off</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
Modified: httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml?rev=646304&r1=646303&r2=646304&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml Wed Apr 9 05:39:33 2008
@@ -81,7 +81,10 @@
<description>The key used to encrypt the session</description>
<syntax>SessionCryptoPassphrase <var>secret</var></syntax>
<default>none</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -106,7 +109,10 @@
<description>The certificate used to encrypt and decrypt the session</description>
<syntax>SessionCryptoCertificateFile <var>file</var></syntax>
<default>none</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -136,7 +142,10 @@
<description>The certificate key used to encrypt and decrypt the session</description>
<syntax>SessionCryptoCertificateKeyFile <var>file</var></syntax>
<default>none</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -167,7 +176,10 @@
<description>The name of the cipher to use during encryption / decryption</description>
<syntax>SessionCryptoCipher <var>cipher</var></syntax>
<default>AES256</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -183,7 +195,10 @@
<description>The name of the digest to use during encryption / decryption</description>
<syntax>SessionCryptoDigest <var>cipher</var></syntax>
<default>SHA</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -199,7 +214,10 @@
<description>The name of the engine to use during encryption / decryption</description>
<syntax>SessionCryptoEngine <var>engine</var></syntax>
<default>none</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
Modified: httpd/httpd/trunk/docs/manual/mod/mod_session_dbd.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_session_dbd.xml?rev=646304&r1=646303&r2=646304&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_session_dbd.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_session_dbd.xml Wed Apr 9 05:39:33 2008
@@ -148,7 +148,10 @@
<description>Name and attributes for the RFC2109 cookie storing the session ID</description>
<syntax>SessionDBDCookieName <var>name</var> <var>attributes</var></syntax>
<default>none</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -176,7 +179,10 @@
<description>Name and attributes for the RFC2965 cookie storing the session ID</description>
<syntax>SessionDBDCookieName2 <var>name</var> <var>attributes</var></syntax>
<default>none</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -204,7 +210,10 @@
<description>Control for whether session ID cookies should be removed from incoming HTTP headers</description>
<syntax>SessionDBDCookieRemove On|Off</syntax>
<default>SessionDBDCookieRemove On</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -225,7 +234,10 @@
<description>Enable a per user session</description>
<syntax>SessionDBDPerUser On|Off</syntax>
<default>SessionDBDPerUser Off</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -242,7 +254,10 @@
<description>The SQL query to use to select sessions from the database</description>
<syntax>SessionDBDSelectLabel <var>label</var></syntax>
<default>SessionDBDSelectLabel selectsession</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -259,7 +274,10 @@
<description>The SQL query to use to insert sessions into the database</description>
<syntax>SessionDBDInsertLabel <var>label</var></syntax>
<default>SessionDBDInsertLabel insertsession</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -279,7 +297,10 @@
<description>The SQL query to use to update existing sessions in the database</description>
<syntax>SessionDBDUpdateLabel <var>label</var></syntax>
<default>SessionDBDUpdateLabel updatesession</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
@@ -300,7 +321,10 @@
<description>The SQL query to use to remove sessions from the database</description>
<syntax>SessionDBDDeleteLabel <var>label</var></syntax>
<default>SessionDBDDeleteLabel deletesession</default>
-<contextlist><context>directory</context>
+<contextlist><context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.3.0 and later</compatibility>
Modified: httpd/httpd/trunk/modules/session/mod_session.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/mod_session.c?rev=646304&r1=646303&r2=646304&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/session/mod_session.c (original)
+++ httpd/httpd/trunk/modules/session/mod_session.c Wed Apr 9 05:39:33 2008
@@ -582,17 +582,17 @@
static const command_rec session_cmds[] =
{
- AP_INIT_FLAG("Session", set_session_enable, NULL, OR_AUTHCFG,
+ AP_INIT_FLAG("Session", set_session_enable, NULL, RSRC_CONF|OR_AUTHCFG,
"on if a session should be maintained for these URLs"),
- AP_INIT_TAKE1("SessionMaxAge", set_session_maxage, NULL, OR_AUTHCFG,
+ AP_INIT_TAKE1("SessionMaxAge", set_session_maxage, NULL, RSRC_CONF|OR_AUTHCFG,
"length of time for which a session should be valid. Zero to disable"),
- AP_INIT_TAKE1("SessionHeader", set_session_header, NULL, OR_AUTHCFG,
+ AP_INIT_TAKE1("SessionHeader", set_session_header, NULL, RSRC_CONF|OR_AUTHCFG,
"output header, if present, whose contents will be injected into the session."),
- AP_INIT_FLAG("SessionEnv", set_session_env, NULL, OR_AUTHCFG,
+ AP_INIT_FLAG("SessionEnv", set_session_env, NULL, RSRC_CONF|OR_AUTHCFG,
"on if a session should be written to the CGI environment. Defaults to off"),
- AP_INIT_TAKE1("SessionInclude", add_session_include, NULL, OR_AUTHCFG,
+ AP_INIT_TAKE1("SessionInclude", add_session_include, NULL, RSRC_CONF|OR_AUTHCFG,
"URL prefixes to include in the session. Defaults to all URLs"),
- AP_INIT_TAKE1("SessionExclude", add_session_exclude, NULL, OR_AUTHCFG,
+ AP_INIT_TAKE1("SessionExclude", add_session_exclude, NULL, RSRC_CONF|OR_AUTHCFG,
"URL prefixes to exclude from the session. Defaults to no URLs"),
{NULL}
};
Modified: httpd/httpd/trunk/modules/session/mod_session_cookie.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/mod_session_cookie.c?rev=646304&r1=646303&r2=646304&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/session/mod_session_cookie.c (original)
+++ httpd/httpd/trunk/modules/session/mod_session_cookie.c Wed Apr 9 05:39:33 2008
@@ -241,11 +241,11 @@
static const command_rec session_cookie_cmds[] =
{
- AP_INIT_RAW_ARGS("SessionCookieName", set_cookie_name, NULL, OR_AUTHCFG,
+ AP_INIT_RAW_ARGS("SessionCookieName", set_cookie_name, NULL, RSRC_CONF|OR_AUTHCFG,
"The name of the RFC2109 cookie carrying the session"),
- AP_INIT_RAW_ARGS("SessionCookieName2", set_cookie_name2, NULL, OR_AUTHCFG,
+ AP_INIT_RAW_ARGS("SessionCookieName2", set_cookie_name2, NULL, RSRC_CONF|OR_AUTHCFG,
"The name of the RFC2965 cookie carrying the session"),
- AP_INIT_FLAG("SessionCookieRemove", set_remove, NULL, OR_AUTHCFG,
+ AP_INIT_FLAG("SessionCookieRemove", set_remove, NULL, RSRC_CONF|OR_AUTHCFG,
"Set to 'On' to remove the session cookie from the headers "
"and hide the cookie from a backend server or process"),
{NULL}
Modified: httpd/httpd/trunk/modules/session/mod_session_dbd.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/mod_session_dbd.c?rev=646304&r1=646303&r2=646304&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/session/mod_session_dbd.c (original)
+++ httpd/httpd/trunk/modules/session/mod_session_dbd.c Wed Apr 9 05:39:33 2008
@@ -591,24 +591,24 @@
static const command_rec session_dbd_cmds[] =
{
AP_INIT_TAKE1("SessionDBDSelectLabel", ap_set_string_slot,
- (void *) APR_OFFSETOF(session_dbd_dir_conf, selectlabel), OR_AUTHCFG,
+ (void *) APR_OFFSETOF(session_dbd_dir_conf, selectlabel), RSRC_CONF|OR_AUTHCFG,
"Query label used to select a new session"),
AP_INIT_TAKE1("SessionDBDInsertLabel", ap_set_string_slot,
- (void *) APR_OFFSETOF(session_dbd_dir_conf, insertlabel), OR_AUTHCFG,
+ (void *) APR_OFFSETOF(session_dbd_dir_conf, insertlabel), RSRC_CONF|OR_AUTHCFG,
"Query label used to insert a new session"),
AP_INIT_TAKE1("SessionDBDUpdateLabel", ap_set_string_slot,
- (void *) APR_OFFSETOF(session_dbd_dir_conf, updatelabel), OR_AUTHCFG,
+ (void *) APR_OFFSETOF(session_dbd_dir_conf, updatelabel), RSRC_CONF|OR_AUTHCFG,
"Query label used to update an existing session"),
AP_INIT_TAKE1("SessionDBDDeleteLabel", ap_set_string_slot,
- (void *) APR_OFFSETOF(session_dbd_dir_conf, deletelabel), OR_AUTHCFG,
+ (void *) APR_OFFSETOF(session_dbd_dir_conf, deletelabel), RSRC_CONF|OR_AUTHCFG,
"Query label used to delete an existing session"),
- AP_INIT_FLAG("SessionDBDPerUser", set_dbd_peruser, NULL, OR_AUTHCFG,
+ AP_INIT_FLAG("SessionDBDPerUser", set_dbd_peruser, NULL, RSRC_CONF|OR_AUTHCFG,
"Save the session per user"),
AP_INIT_FLAG("SessionDBDCookieRemove", set_dbd_cookie_remove, NULL, RSRC_CONF|OR_AUTHCFG,
"Remove the session cookie after session load. On by default."),
- AP_INIT_RAW_ARGS("SessionDBDCookieName", set_cookie_name, NULL, OR_AUTHCFG,
+ AP_INIT_RAW_ARGS("SessionDBDCookieName", set_cookie_name, NULL, RSRC_CONF|OR_AUTHCFG,
"The name of the RFC2109 cookie carrying the session key"),
- AP_INIT_RAW_ARGS("SessionDBDCookieName2", set_cookie_name2, NULL, OR_AUTHCFG,
+ AP_INIT_RAW_ARGS("SessionDBDCookieName2", set_cookie_name2, NULL, RSRC_CONF|OR_AUTHCFG,
"The name of the RFC2965 cookie carrying the session key"),
{NULL}
};