Add MellonCookieDomain and MellonCookiePath directives
These allows respectively to set the domain and the path of the domain of the mellon cookie. Without these the domain defaults to the domain return by ap_get_server_name() (see http://httpd.apache.org/dev/apidoc/apidoc_ap_get_server_name.html) and the path to "/". git-svn-id: https://modmellon.googlecode.com/svn/trunk/mod_mellon2@120 a716ebb1-153a-0410-b759-cfb97c6a1b53
This commit is contained in:
parent
900f46ce16
commit
f2f5880039
11
README
11
README
|
@ -186,6 +186,17 @@ MellonPostCount 100
|
|||
# Default: Off
|
||||
MellonSecureCookie On
|
||||
|
||||
# MellonCookieDomain allows to specify of the cookie which auth_mellon
|
||||
# will set.
|
||||
# Default: the domain for the received request (the Host: header if
|
||||
# present, of the ServerName of the VirtualHost declaration, or if
|
||||
# absent a reverse resolution on the local IP)
|
||||
# MellonCookieDomain example.com
|
||||
|
||||
# MellonCookiePath is the path of the cookie which auth_mellon will set.
|
||||
# Default: /
|
||||
MellonCookiePath /
|
||||
|
||||
# MellonUser selects which attribute we should use for the username.
|
||||
# The username is passed on to other apache modules and to the web
|
||||
# page the user visits. NAME_ID is an attribute which we set to
|
||||
|
|
|
@ -163,6 +163,8 @@ typedef struct am_dir_cfg_rec {
|
|||
|
||||
const char *varname;
|
||||
int secure;
|
||||
const char *cookie_domain;
|
||||
const char *cookie_path;
|
||||
apr_array_header_t *cond;
|
||||
apr_hash_t *envattr;
|
||||
const char *userattr;
|
||||
|
|
|
@ -816,6 +816,22 @@ const command_rec auth_mellon_commands[] = {
|
|||
"Whether the cookie set by auth_mellon should have HttpOnly and"
|
||||
" secure flags set. Default is off."
|
||||
),
|
||||
AP_INIT_TAKE1(
|
||||
"MellonCookieDomain",
|
||||
ap_set_string_slot,
|
||||
(void *)APR_OFFSETOF(am_dir_cfg_rec, cookie_domain),
|
||||
OR_AUTHCFG,
|
||||
"The domain of the cookie which auth_mellon will set. Defaults to"
|
||||
" the domain of the current request."
|
||||
),
|
||||
AP_INIT_TAKE1(
|
||||
"MellonCookiePath",
|
||||
ap_set_string_slot,
|
||||
(void *)APR_OFFSETOF(am_dir_cfg_rec, cookie_path),
|
||||
OR_AUTHCFG,
|
||||
"The path of the cookie which auth_mellon will set. Defaults to"
|
||||
" '/'."
|
||||
),
|
||||
AP_INIT_TAKE1(
|
||||
"MellonUser",
|
||||
ap_set_string_slot,
|
||||
|
@ -1051,6 +1067,8 @@ void *auth_mellon_dir_config(apr_pool_t *p, char *d)
|
|||
dir->varname = default_cookie_name;
|
||||
dir->secure = default_secure_cookie;
|
||||
dir->cond = apr_array_make(p, 0, sizeof(am_cond_t));
|
||||
dir->cookie_domain = NULL;
|
||||
dir->cookie_path = NULL;
|
||||
dir->envattr = apr_hash_make(p);
|
||||
dir->userattr = default_user_attribute;
|
||||
dir->idpattr = NULL;
|
||||
|
@ -1123,11 +1141,18 @@ void *auth_mellon_dir_merge(apr_pool_t *p, void *base, void *add)
|
|||
add_cfg->varname :
|
||||
base_cfg->varname);
|
||||
|
||||
|
||||
|
||||
new_cfg->secure = (add_cfg->secure != default_secure_cookie ?
|
||||
add_cfg->secure :
|
||||
base_cfg->secure);
|
||||
|
||||
new_cfg->cookie_domain = (add_cfg->cookie_domain != NULL ?
|
||||
add_cfg->cookie_domain :
|
||||
base_cfg->cookie_domain);
|
||||
|
||||
new_cfg->cookie_path = (add_cfg->cookie_path != NULL ?
|
||||
add_cfg->cookie_path :
|
||||
base_cfg->cookie_path);
|
||||
|
||||
new_cfg->cond = apr_array_copy(p,
|
||||
(!apr_is_empty_array(add_cfg->cond)) ?
|
||||
|
|
|
@ -141,16 +141,27 @@ void am_cookie_set(request_rec *r, const char *id)
|
|||
const char *name;
|
||||
char *cookie;
|
||||
int secure_cookie;
|
||||
const char *cookie_domain = ap_get_server_name(r);
|
||||
const char *cookie_path = "/";
|
||||
am_dir_cfg_rec *cfg = am_get_dir_cfg(r);
|
||||
|
||||
if (id == NULL)
|
||||
return;
|
||||
|
||||
secure_cookie = ((am_dir_cfg_rec *)am_get_dir_cfg(r))->secure;
|
||||
if (cfg->cookie_domain) {
|
||||
cookie_domain = cfg->cookie_domain;
|
||||
}
|
||||
|
||||
if (cfg->cookie_path) {
|
||||
cookie_path = cfg->cookie_path;
|
||||
}
|
||||
|
||||
secure_cookie = cfg->secure;
|
||||
name = am_cookie_name(r);
|
||||
|
||||
cookie = apr_psprintf(r->pool,
|
||||
"%s=%s; Version=1; Path=/; Domain=%s%s;",
|
||||
name, id, r->server->server_hostname,
|
||||
"%s=%s; Version=1; Path=%s; Domain=%s%s;",
|
||||
name, id, cookie_path, cookie_domain,
|
||||
secure_cookie ? "; HttpOnly; secure" : "");
|
||||
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
|
||||
"cookie_set: %s", cookie);
|
||||
|
|
Loading…
Reference in New Issue