You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ch...@apache.org on 2008/03/25 19:21:33 UTC

svn commit: r640932 - in /httpd/httpd/trunk: CHANGES modules/aaa/mod_authz_dbd.c

Author: chrisd
Date: Tue Mar 25 11:21:32 2008
New Revision: 640932

URL: http://svn.apache.org/viewvc?rev=640932&view=rev
Log:
Return AUTHZ_GRANTED not AUTHZ_DENIED when redirecting after
successful login/logout.  Use redirection URL from first row returned
by DB query, in the same manner as that used by mod_authn_dbd when
querying for a single record.

Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/modules/aaa/mod_authz_dbd.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=640932&r1=640931&r2=640932&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Tue Mar 25 11:21:32 2008
@@ -2,6 +2,11 @@
 Changes with Apache 2.3.0
 [ When backported to 2.2.x, remove entry from this file ]
 
+  *) mod_authz_dbd: When redirecting after successful login/logout per
+     AuthzDBDRedirectQuery, do not report authorization failure, and use
+     first row returned by database query instead of last row.
+     [Chris Darroch]
+
   *) mod_rewrite: Initialize hash needed by ap_register_rewrite_mapfunc early
      enough. PR 44641 [Daniel Lescohier <daniel.lescohier cnet.com>]
 

Modified: httpd/httpd/trunk/modules/aaa/mod_authz_dbd.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/mod_authz_dbd.c?rev=640932&r1=640931&r2=640932&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/aaa/mod_authz_dbd.c (original)
+++ httpd/httpd/trunk/modules/aaa/mod_authz_dbd.c Tue Mar 25 11:21:32 2008
@@ -164,15 +164,16 @@
             for (rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1);
                  rv != -1;
                  rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1)) {
-                if (rv == 0) {
-                    newuri = apr_dbd_get_entry(dbd->driver, row, 0);
-                }
-                else {
+                if (rv != 0) {
                     message = apr_dbd_error(dbd->driver, dbd->handle, rv);
                     ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
                           "authz_dbd in get_row; action=%s user=%s [%s]",
                           action, r->user, message?message:noerror);
                 }
+                else if (newuri == NULL) {
+                    newuri = apr_dbd_get_entry(dbd->driver, row, 0);
+                }
+                /* we can't break out here or row won't get cleaned up */
             }
         }
         else {
@@ -185,13 +186,9 @@
     if (newuri != NULL) {
         r->status = HTTP_MOVED_TEMPORARILY;
         apr_table_set(r->err_headers_out, "Location", newuri);
-        rv = HTTP_MOVED_TEMPORARILY;
-    }
-    else {
-        rv = OK;
     }
-    authz_dbd_run_client_login(r, rv, action);
-    return rv;
+    authz_dbd_run_client_login(r, OK, action);
+    return OK;
 }
 
 static int authz_dbd_group_query(request_rec *r, authz_dbd_cfg *cfg,