httpd-modules-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sorin Manolache <sor...@gmail.com>
Subject Re: Developing Authn/Authz Modules
Date Mon, 03 Oct 2011 13:24:06 GMT
On Sat, Oct 1, 2011 at 23:05, Suneet Shah <suneetshah2000@gmail.com> wrote:
> Hello,
>
> I am trying to build my apache module which needs to carry out
> authentication and authorization functions based on the value of a cookie.
> To start with, I have just created a shell with the intent that I wanted the
> functions for authentication and authorization being called.
> However, it does not appear that these functions are being called. I have
> pasted by configuration and code below.
>
> When I try to access  http://localhost/test_rpc/ I get the login.html that
> is defined in my ErrorDocument below.
> But when I look in the log file, I see the following.
> Since its looking for a userId, I am wondering if there is an error in my
> configuration
>
> [Sat Oct 01 16:37:29 2011] [debug] prefork.c(996): AcceptMutex: sysvsem
> (default: sysvsem)
> [Sat Oct 01 16:38:08 2011] [error] [client 127.0.0.1] access to
> /test_rpc/header.jsp failed, reason: verification of user id '<null>' not
> configured

You have not hooked check_user_id. In this case the default
check_user_id of mod_authn_default is called. The mod_authn_default
module rejects the request by default and gives you the "verification
of user id '<null>'" log line.

Hook check_user_id instead of auth_checker. Set r->user in
check_user_id. I think setting r->user is not mandatory but it gives
you more precise log messages.

Use return OK (OK is 0) and not return HTTP_OK (HTTP_OK is 200) in your hooks.

S

>
> Any guidance on what I am doing wrong would be greatly appreciate.
>
> Regards
> Suneet
>
>
> -- Configuration in Httpd.conf
>
> <Location />
>   IAM_CookieName IAM_PARAM
>   IAM_TokenParam tkn
>   IAM_Service_base_url "http://localhost:8080/"
>   ErrorDocument 401 "/login.html"
>   AuthType IAMToken
>   AuthName "IAM Login"
>   AuthCookie_Authoritative On
>  </Location>
>
> <Location /test_rpc/>
>    ProxyPass http://localhost:9080/test_rpc
>
>    require tkn
> </Location>
>
> ----- Module Code
> static int authz_dbd_check(request_rec *r) {
>
>    ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, "authz_dbd_check
> called");
>    return HTTP_OK;
> }
>
> static int check_token(request_rec *r) {
>
>     ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, "chedk_token
> called.");
>    return OK;
> }
>
> static void authz_dbd_hooks(apr_pool_t *p)
> {
>    ap_hook_auth_checker(check_token, NULL, NULL, APR_HOOK_MIDDLE);
>    ap_hook_auth_checker(authz_dbd_check, NULL, NULL, APR_HOOK_MIDDLE);
> }
> module AP_MODULE_DECLARE_DATA authz_dbd_module =
> {
>    STANDARD20_MODULE_STUFF,
>    authz_dbd_cr_cfg,
>    NULL,
>    NULL,
>    NULL,
>    authz_dbd_cmds,
>    authz_dbd_hooks
> };
>

Mime
View raw message