httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bnicho...@apache.org
Subject svn commit: r359176 - in /httpd/httpd/branches/authz-dev/modules/aaa: mod_auth.h mod_authz_core.c
Date Tue, 27 Dec 2005 05:29:46 GMT
Author: bnicholes
Date: Mon Dec 26 21:29:37 2005
New Revision: 359176

URL: http://svn.apache.org/viewcvs?rev=359176&view=rev
Log:
Implement the 'Reject' directive into authz.  The 'Reject' directive acts just like a NOT
Require.

Modified:
    httpd/httpd/branches/authz-dev/modules/aaa/mod_auth.h
    httpd/httpd/branches/authz-dev/modules/aaa/mod_authz_core.c

Modified: httpd/httpd/branches/authz-dev/modules/aaa/mod_auth.h
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/authz-dev/modules/aaa/mod_auth.h?rev=359176&r1=359175&r2=359176&view=diff
==============================================================================
--- httpd/httpd/branches/authz-dev/modules/aaa/mod_auth.h (original)
+++ httpd/httpd/branches/authz-dev/modules/aaa/mod_auth.h Mon Dec 26 21:29:37 2005
@@ -107,6 +107,7 @@
     int req_state_level;
     /** String following 'require <provider>' from config file */
     char *requirement;
+    int is_reject;
 };
 
 #ifdef __cplusplus

Modified: httpd/httpd/branches/authz-dev/modules/aaa/mod_authz_core.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/authz-dev/modules/aaa/mod_authz_core.c?rev=359176&r1=359175&r2=359176&view=diff
==============================================================================
--- httpd/httpd/branches/authz-dev/modules/aaa/mod_authz_core.c (original)
+++ httpd/httpd/branches/authz-dev/modules/aaa/mod_authz_core.c Mon Dec 26 21:29:37 2005
@@ -166,6 +166,7 @@
                                         newp->provider_name, "0");
     newp->req_state = conf->req_state;
     newp->req_state_level = conf->req_state_level;
+    newp->is_reject = (int)cmd->info;
 
     /* by the time the config file is used, the provider should be loaded
      * and registered with us.
@@ -433,6 +434,9 @@
     AP_INIT_RAW_ARGS("Require", add_authz_provider, NULL, OR_AUTHCFG,
                      "Selects which authenticated users or groups may access "
                      "a protected space"),
+    AP_INIT_RAW_ARGS("Reject", add_authz_provider, (void*)1, OR_AUTHCFG,
+                     "Rejects the specified authenticated users or groups from accessing
"
+                     "a protected space"),
     AP_INIT_RAW_ARGS("<RequireAlias", authz_require_alias_section, NULL, RSRC_CONF,
                      "Container for authorization directives grouped under "
                      "an authz provider alias"),
@@ -482,6 +486,14 @@
 
     auth_result = provider->check_authorization(r,
                     current_provider->requirement);
+
+    if (auth_result == AUTHZ_GENERAL_ERROR) {
+        return auth_result;
+    }
+
+    if (current_provider->is_reject) {
+        auth_result = auth_result == AUTHZ_DENIED ? AUTHZ_GRANTED : AUTHZ_DENIED;
+    }
 
     apr_table_unset(r->notes, AUTHZ_PROVIDER_NAME_NOTE);
 



Mime
View raw message