httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Collins <bcoll...@debian.org>
Subject [users@httpd] Re: Auth/Access ordering causing me problems
Date Sun, 18 Apr 2004 15:09:59 GMT
I figured out a solution to my problem. Looks like a total hack, but it
works. I put this function in my auth module as a work around:

/* Total hack to make sure we recheck the finfo against a file/dir which
 * might have just been mounted. */
static int pam_override(request_rec *r)
{
        int apache_status;

        if (!r->finfo.filetype) {
                if (apr_stat(&r->finfo, r->filename, APR_FINFO_MIN, r->pool)
!= APR_SUCCESS)
                        return OK;
                r->path_info[0] = '\0';
                if ((apache_status = ap_run_map_to_storage(r)))
                        return apache_status;
                if ((apache_status = ap_location_walk(r)))
                        return apache_status;
        }

        return OK;
}

If anyone sees a possible problem with this, let me know.

On Sat, Apr 17, 2004 at 04:17:10PM -0400, Ben Collins wrote:
> I am running apache2, and I'm trying to run a somewhat strange setup. I
> have some file systems that I am exporting via mod_dav_fs. These
> filesystems need to be mounted when the user logs in via
> mod-auth-pam/pam-mount.
> 
> This auth/mount scheme works just fine. The only problem I am having is
> that apache attempts to verify the existence of the translated path
> before doing the auth.
> 
> What this means is that on the first connection, the path is checked,
> 404'd, the auth happens, and then I get a Not Found message. If I
> immediately connect again (since the file system is now mounted) it
> succeeds. I have a daemon running in background that auto-unmounts after
> some time.
> 
> Is there a way I can modify mod-auth-pam to "fool" apache2 into ignoring
> the fact that the path doesn't exist before the auth? I'm just looking
> for the right hook/logic to do this in mod-auth-pam, so it can intercept
> locations that it knows are going to be mapped under it's auth scheme.
> 
> Maybe doing this in mod-alias would be easier...I dunno.
> 
> -- 
> Debian     - http://www.debian.org/
> Linux 1394 - http://www.linux1394.org/
> Subversion - http://subversion.tigris.org/
> WatchGuard - http://www.watchguard.com/

-- 
Debian     - http://www.debian.org/
Linux 1394 - http://www.linux1394.org/
Subversion - http://subversion.tigris.org/
WatchGuard - http://www.watchguard.com/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message