You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ge...@apache.org on 2004/04/05 20:00:16 UTC
cvs commit: httpd-2.0 CHANGES
geoff 2004/04/05 11:00:16
Modified: modules/aaa mod_auth_digest.c
. CHANGES
Log:
Allow Digest providers to return AUTH_DENIED to propagate a 401
status and terminate the provider chain prior to checking the password.
Reviewed by: justin
Revision Changes Path
1.88 +8 -0 httpd-2.0/modules/aaa/mod_auth_digest.c
Index: mod_auth_digest.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/aaa/mod_auth_digest.c,v
retrieving revision 1.87
retrieving revision 1.88
diff -u -r1.87 -r1.88
--- mod_auth_digest.c 23 Mar 2004 13:57:48 -0000 1.87
+++ mod_auth_digest.c 5 Apr 2004 18:00:15 -0000 1.88
@@ -1777,6 +1777,14 @@
else if (return_code == AUTH_USER_FOUND) {
/* we have a password, so continue */
}
+ else if (return_code == AUTH_DENIED) {
+ /* authentication denied in the provider before attempting a match */
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+ "Digest: user `%s' in realm `%s' denied by provider: %s",
+ r->user, conf->realm, r->uri);
+ note_digest_auth_failure(r, conf, resp, 0);
+ return HTTP_UNAUTHORIZED;
+ }
else {
/* AUTH_GENERAL_ERROR (or worse)
* We'll assume that the module has already said what its error
1.1448 +4 -0 httpd-2.0/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/httpd-2.0/CHANGES,v
retrieving revision 1.1447
retrieving revision 1.1448
diff -u -r1.1447 -r1.1448
--- CHANGES 5 Apr 2004 17:34:46 -0000 1.1447
+++ CHANGES 5 Apr 2004 18:00:15 -0000 1.1448
@@ -2,6 +2,10 @@
[Remove entries to the current 2.0 section below, when backported]
+ *) Allow Digest providers to return AUTH_DENIED to propagate a 401
+ status and terminate the provider chain prior to checking the password.
+ [Geoffrey Young]
+
*) Allow RequestHeader directives to be conditional. PR 27951.
[Vincent Deffontaines <vincent gryzor.com>, Andr� Malo]