entrouvert
/
modmellon
17
0
Fork 0
Code Issues Pull Requests Releases Activity

Add MellonCookieDomain and MellonCookiePath directives 

These allows respectively to set the domain and the path of the domain
of the mellon cookie. Without these the domain defaults to the domain
return by ap_get_server_name() (see
http://httpd.apache.org/dev/apidoc/apidoc_ap_get_server_name.html)
and the path to "/".

git-svn-id: https://modmellon.googlecode.com/svn/trunk/mod_mellon2@120 a716ebb1-153a-0410-b759-cfb97c6a1b53
This commit is contained in:
benjamin.dauvergne 2011-04-07 11:32:26 +00:00
parent 900f46ce16
commit f2f5880039
4 changed files with 53 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
README
View File

@ -186,6 +186,17 @@ MellonPostCount 100
# Default: Off
MellonSecureCookie On
# MellonCookieDomain allows to specify of the cookie which auth_mellon
# will set.
# Default: the domain for the received request (the Host: header if
# present, of the ServerName of the VirtualHost declaration, or if
# absent a reverse resolution on the local IP)
# MellonCookieDomain example.com
# MellonCookiePath is the path of the cookie which auth_mellon will set.
# Default: /
MellonCookiePath /
# MellonUser selects which attribute we should use for the username.
# The username is passed on to other apache modules and to the web
# page the user visits. NAME_ID is an attribute which we set to

2
auth_mellon.h
View File

@ -163,6 +163,8 @@ typedef struct am_dir_cfg_rec {
const char *varname;
int secure;
const char *cookie_domain;
const char *cookie_path;
apr_array_header_t *cond;
apr_hash_t *envattr;
const char *userattr;

27
auth_mellon_config.c
View File

@ -816,6 +816,22 @@ const command_rec auth_mellon_commands[] = {
"Whether the cookie set by auth_mellon should have HttpOnly and"
" secure flags set. Default is off."
),
AP_INIT_TAKE1(
"MellonCookieDomain",
ap_set_string_slot,
(void *)APR_OFFSETOF(am_dir_cfg_rec, cookie_domain),
OR_AUTHCFG,
"The domain of the cookie which auth_mellon will set. Defaults to"
" the domain of the current request."
),
AP_INIT_TAKE1(
"MellonCookiePath",
ap_set_string_slot,
(void *)APR_OFFSETOF(am_dir_cfg_rec, cookie_path),
OR_AUTHCFG,
"The path of the cookie which auth_mellon will set. Defaults to"
" '/'."
),
AP_INIT_TAKE1(
"MellonUser",
ap_set_string_slot,
@ -1051,6 +1067,8 @@ void *auth_mellon_dir_config(apr_pool_t *p, char *d)
dir->varname = default_cookie_name;
dir->secure = default_secure_cookie;
dir->cond = apr_array_make(p, 0, sizeof(am_cond_t));
dir->cookie_domain = NULL;
dir->cookie_path = NULL;
dir->envattr = apr_hash_make(p);
dir->userattr = default_user_attribute;
dir->idpattr = NULL;
@ -1123,11 +1141,18 @@ void *auth_mellon_dir_merge(apr_pool_t *p, void *base, void *add)
add_cfg->varname :
base_cfg->varname);
new_cfg->secure = (add_cfg->secure != default_secure_cookie ?
add_cfg->secure :
base_cfg->secure);
new_cfg->cookie_domain = (add_cfg->cookie_domain != NULL ?
add_cfg->cookie_domain :
base_cfg->cookie_domain);
new_cfg->cookie_path = (add_cfg->cookie_path != NULL ?
add_cfg->cookie_path :
base_cfg->cookie_path);
new_cfg->cond = apr_array_copy(p,
(!apr_is_empty_array(add_cfg->cond)) ?

17
auth_mellon_cookie.c
View File

@ -141,16 +141,27 @@ void am_cookie_set(request_rec *r, const char *id)
const char *name;
char *cookie;
int secure_cookie;
const char *cookie_domain = ap_get_server_name(r);
const char *cookie_path = "/";
am_dir_cfg_rec *cfg = am_get_dir_cfg(r);
if (id == NULL)
return;
secure_cookie = ((am_dir_cfg_rec *)am_get_dir_cfg(r))->secure;
if (cfg->cookie_domain) {
cookie_domain = cfg->cookie_domain;
}
if (cfg->cookie_path) {
cookie_path = cfg->cookie_path;
}
secure_cookie = cfg->secure;
name = am_cookie_name(r);
cookie = apr_psprintf(r->pool,
"%s=%s; Version=1; Path=/; Domain=%s%s;",
name, id, r->server->server_hostname,
"%s=%s; Version=1; Path=%s; Domain=%s%s;",
name, id, cookie_path, cookie_domain,
secure_cookie ? "; HttpOnly; secure" : "");
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
"cookie_set: %s", cookie);