Return-Path: X-Original-To: apmail-tuscany-commits-archive@www.apache.org Delivered-To: apmail-tuscany-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 222AE91F7 for ; Sun, 18 Dec 2011 20:19:38 +0000 (UTC) Received: (qmail 29243 invoked by uid 500); 18 Dec 2011 20:19:38 -0000 Delivered-To: apmail-tuscany-commits-archive@tuscany.apache.org Received: (qmail 29204 invoked by uid 500); 18 Dec 2011 20:19:38 -0000 Mailing-List: contact commits-help@tuscany.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@tuscany.apache.org Delivered-To: mailing list commits@tuscany.apache.org Received: (qmail 29197 invoked by uid 99); 18 Dec 2011 20:19:37 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 18 Dec 2011 20:19:37 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 18 Dec 2011 20:19:34 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id C6973238889B for ; Sun, 18 Dec 2011 20:19:13 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1220526 - in /tuscany/sca-cpp/trunk: modules/http/ modules/oauth/ modules/openid/ modules/server/ samples/store-cluster/ samples/store-vhost/ Date: Sun, 18 Dec 2011 20:19:12 -0000 To: commits@tuscany.apache.org From: jsdelfino@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20111218201913.C6973238889B@eris.apache.org> Author: jsdelfino Date: Sun Dec 18 20:19:11 2011 New Revision: 1220526 URL: http://svn.apache.org/viewvc?rev=1220526&view=rev Log: Add ability to configure an HTTPS proxy with load balancing over a set of HTTP backend servers and get OAuth authentication working with that topology. Added: tuscany/sca-cpp/trunk/modules/http/proxy-ssl-nossl-member-conf - copied, changed from r1214044, tuscany/sca-cpp/trunk/modules/http/proxy-member-conf Modified: tuscany/sca-cpp/trunk/modules/http/Makefile.am tuscany/sca-cpp/trunk/modules/http/basic-auth-conf tuscany/sca-cpp/trunk/modules/http/cert-auth-conf tuscany/sca-cpp/trunk/modules/http/form-auth-conf tuscany/sca-cpp/trunk/modules/http/group-auth-conf tuscany/sca-cpp/trunk/modules/http/httpd-conf tuscany/sca-cpp/trunk/modules/http/httpd-ssl-conf tuscany/sca-cpp/trunk/modules/http/httpd.hpp tuscany/sca-cpp/trunk/modules/http/open-auth-conf tuscany/sca-cpp/trunk/modules/http/proxy-conf tuscany/sca-cpp/trunk/modules/http/proxy-member-conf tuscany/sca-cpp/trunk/modules/http/proxy-ssl-conf tuscany/sca-cpp/trunk/modules/http/proxy-ssl-member-conf tuscany/sca-cpp/trunk/modules/http/vhost-conf tuscany/sca-cpp/trunk/modules/http/vhost-ssl-conf tuscany/sca-cpp/trunk/modules/oauth/mod-oauth1.cpp tuscany/sca-cpp/trunk/modules/oauth/mod-oauth2.cpp tuscany/sca-cpp/trunk/modules/oauth/oauth-conf tuscany/sca-cpp/trunk/modules/openid/openid-conf tuscany/sca-cpp/trunk/modules/openid/openid-step2-conf tuscany/sca-cpp/trunk/modules/server/mod-eval.hpp tuscany/sca-cpp/trunk/modules/server/mod-wiring.cpp tuscany/sca-cpp/trunk/modules/server/server-conf tuscany/sca-cpp/trunk/samples/store-cluster/server-conf tuscany/sca-cpp/trunk/samples/store-cluster/server-ssl-conf tuscany/sca-cpp/trunk/samples/store-vhost/ssl-start tuscany/sca-cpp/trunk/samples/store-vhost/start tuscany/sca-cpp/trunk/samples/store-vhost/uec2-start Modified: tuscany/sca-cpp/trunk/modules/http/Makefile.am URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/modules/http/Makefile.am?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/modules/http/Makefile.am (original) +++ tuscany/sca-cpp/trunk/modules/http/Makefile.am Sun Dec 18 20:19:11 2011 @@ -20,7 +20,7 @@ INCLUDES = -I${HTTPD_INCLUDE} incl_HEADERS = *.hpp incldir = $(prefix)/include/modules/http -dist_mod_SCRIPTS = httpd-conf httpd-addr httpd-start httpd-stop httpd-restart ssl-ca-conf ssl-cert-conf ssl-cert-find httpd-ssl-conf basic-auth-conf cert-auth-conf form-auth-conf open-auth-conf passwd-auth-conf group-auth-conf proxy-conf proxy-ssl-conf proxy-member-conf proxy-ssl-member-conf vhost-conf vhost-ssl-conf tunnel-ssl-conf httpd-worker-conf httpd-event-conf minify-html minify-js minify-css +dist_mod_SCRIPTS = httpd-conf httpd-addr httpd-start httpd-stop httpd-restart ssl-ca-conf ssl-cert-conf ssl-cert-find httpd-ssl-conf basic-auth-conf cert-auth-conf form-auth-conf open-auth-conf passwd-auth-conf group-auth-conf proxy-conf proxy-ssl-conf proxy-member-conf proxy-ssl-member-conf proxy-ssl-nossl-member-conf vhost-conf vhost-ssl-conf tunnel-ssl-conf httpd-worker-conf httpd-event-conf minify-html minify-js minify-css moddir = $(prefix)/modules/http curl_test_SOURCES = curl-test.cpp Modified: tuscany/sca-cpp/trunk/modules/http/basic-auth-conf URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/modules/http/basic-auth-conf?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/modules/http/basic-auth-conf (original) +++ tuscany/sca-cpp/trunk/modules/http/basic-auth-conf Sun Dec 18 20:19:11 2011 @@ -25,6 +25,13 @@ root=`echo "import os; print os.path.rea conf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-conf"` host=`echo $conf | awk '{ print $6 }'` +# Disallow public access to server resources +cat >$root/conf/noauth.conf <>$root/conf/auth.conf <$root/conf/noauth.conf <>$root/conf/auth.conf <$root/conf/noauth.conf <>$root/conf/auth.conf <$root/conf/noauth.conf <$root/conf/.httpd.groups.tmp 2>/dev/null cp $root/conf/.httpd.groups.tmp $root/conf/httpd.groups @@ -35,7 +42,6 @@ if [ "$conf" = "" ]; then # Generated by: group-auth-conf $1 # Allow group member access to root location -AuthGroupFile "$root/conf/httpd.groups" Require group members Modified: tuscany/sca-cpp/trunk/modules/http/httpd-conf URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/modules/http/httpd-conf?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/modules/http/httpd-conf (original) +++ tuscany/sca-cpp/trunk/modules/http/httpd-conf Sun Dec 18 20:19:11 2011 @@ -114,29 +114,9 @@ Require all denied # Configure authentication +Include conf/noauth.conf Include conf/auth.conf - -# Allow access to public locations - -AuthType None -Require all granted - - -AuthType None -Require all granted - - -AuthType None -Require all granted - - -AuthType None -Require all granted - - -AuthType None -Require all granted - +Include conf/pubauth.conf # Configure output filters to enable compression and rate limiting @@ -165,21 +145,6 @@ RewriteRule .* http://$host$pportsuffix% Include conf/svhost.conf - -# Allow access to document root - -Options FollowSymLinks -AuthType None -Require all granted - - -# Allow access to root location - -Options FollowSymLinks -AuthType None -Require all granted - - EOF @@ -245,6 +210,7 @@ LoadModule logio_module ${modules_prefix LoadModule usertrack_module ${modules_prefix}/modules/mod_usertrack.so LoadModule vhost_alias_module ${modules_prefix}/modules/mod_vhost_alias.so LoadModule cgi_module ${modules_prefix}/modules/mod_cgi.so +LoadModule actions_module ${modules_prefix}/modules/mod_actions.so LoadModule unixd_module ${modules_prefix}/modules/mod_unixd.so LoadModule session_module ${modules_prefix}/modules/mod_session.so LoadModule session_crypto_module ${modules_prefix}/modules/mod_session_crypto.so @@ -261,7 +227,7 @@ EOF # Generate auth configuration cat >$root/conf/auth.conf < @@ -273,13 +239,50 @@ Require all granted Options FollowSymLinks AuthUserFile "$root/conf/httpd.passwd" +AuthGroupFile "$root/conf/httpd.groups" Require all granted -# Mark login page with a header +EOF + +cat >$root/conf/pubauth.conf < +AuthType None +Require all granted +# Mark login page with a header Header set X-Login open-auth + +AuthType None +Require all granted + + +AuthType None +Require all granted + + +AuthType None +Require all granted + + +AuthType None +Require all granted + + +# Allow the server admin to view the server status and info + +SetHandler server-status +HostnameLookups on +Require user admin + + + +SetHandler server-info +HostnameLookups on +Require user admin + EOF @@ -292,6 +295,26 @@ cat >$root/conf/httpd.groups <$root/conf/noauth.conf < +AuthType None +Require all granted + + +# Allow everyone to access root location + +AuthType None +Require all granted + + +EOF + # Generate vhost configuration cat >$root/conf/vhost.conf < Include conf/svhost-ssl.conf - -# Allow the server admin to view the server status - -SetHandler server-status -HostnameLookups on -Require user admin - - - -SetHandler server-info -HostnameLookups on -Require user admin - EOF @@ -142,7 +129,7 @@ Include conf/log-ssl.conf # Enable HTTPS reverse proxy ProxyRequests Off -ProxyPreserveHost Off +ProxyPreserveHost On ProxyStatus On SSLProxyEngine on SSLProxyCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL Modified: tuscany/sca-cpp/trunk/modules/http/httpd.hpp URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/modules/http/httpd.hpp?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/modules/http/httpd.hpp (original) +++ tuscany/sca-cpp/trunk/modules/http/httpd.hpp Sun Dec 18 20:19:11 2011 @@ -79,6 +79,7 @@ #include "list.hpp" #include "value.hpp" #include "monad.hpp" +#include "http.hpp" namespace tuscany { @@ -119,31 +120,6 @@ template C& dirConf(const vo } /** - * Return the name of a server. - */ -const string serverName(const server_rec* s, const string& def = "localhost") { - ostringstream n; - n << (s->server_scheme != NULL? s->server_scheme : "http") << "://" - << (s->server_hostname != NULL? s->server_hostname : def) << ":" - << (s->port != 0? s->port : 80) - << (s->path != NULL? string(s->path, s->pathlen) : ""); - return str(n); -} - -/** - * Determine the name of a server from an HTTP request. - */ -const string serverName(request_rec* r, const string& def = "localhost") { - ostringstream n; - const char* hn = ap_get_server_name(r); - n << (r->server->server_scheme != NULL? r->server->server_scheme : "http") << "://" - << (hn != NULL? hn : (r->server->server_hostname != NULL? r->server->server_hostname : def)) << ":" - << (r->server->port != 0? r->server->port : 80) - << (r->server->path != NULL? string(r->server->path, r->server->pathlen) : ""); - return str(n); -} - -/** * Return the host name for a server. */ const string hostName(const server_rec* s, const string& def = "localhost") { @@ -154,15 +130,11 @@ const string hostName(const server_rec* * Return the host name from an HTTP request. */ const string hostName(request_rec* r, const string& def = "localhost") { - const char* hn = ap_get_server_name(r); - return hn != NULL? hn : (r->server->server_hostname != NULL? r->server->server_hostname : def); -} - -/** - * Return true if a request is targeting a virtual host. - */ -const bool isVirtualHostRequest(const server_rec* s, request_rec* r) { - return hostName(r) != hostName(s); + const char* fh = apr_table_get(r->headers_in, "X-Forwarded-Server"); + if (fh != NULL) + return fh; + const char* h = ap_get_server_name(r); + return h != NULL? h : (r->server->server_hostname != NULL? r->server->server_hostname : def); } /** @@ -176,6 +148,9 @@ const string scheme(const server_rec* s, * Return the protocol scheme from an HTTP request. */ const string scheme(request_rec* r, const string& def = "http") { + const char* fs = apr_table_get(r->headers_in, "X-Forwarded-HTTPS"); + if (fs != NULL) + return !strcmp(fs, "on")? "https" : "http"; return r->server->server_scheme != NULL? r->server->server_scheme : def; } @@ -190,7 +165,49 @@ const int port(const server_rec* s, cons * Return the port number from an HTTP request. */ const int port(request_rec* r, const int def = 80) { - return r->server->port != 0? r->server->port : def; + const char* fp = apr_table_get(r->headers_in, "X-Forwarded-Port"); + if (fp != NULL) + return atoi(fp); + const int p = ap_get_server_port(r); + return p != 0? p : def; +} + +/** + * Return the name of a server. + */ +const string serverName(const server_rec* s, const string& def = "localhost") { + ostringstream n; + const string sc = scheme(s); + const string h = hostName(s, def); + const int p = port(s, sc == "https"? 443 : 80); + n << sc << "://" << h; + if (!((sc == "http" && p == 80) || (sc == "https" && p == 443))) + n << ":" << p; + n << (s->path != NULL? string(s->path, s->pathlen) : ""); + return str(n); +} + +/** + * Determine the name of a server from an HTTP request. + */ +const string serverName(request_rec* r, const string& def = "localhost") { + ostringstream n; + const string s = scheme(r); + const string h = hostName(r, def); + const int p = port(r, s == "https"? 443 : 80); + n << s << "://" << h; + if (!((s == "http" && p == 80) || (s == "https" && p == 443))) + n << ":" << p; + n << (r->server->path != NULL? string(r->server->path, r->server->pathlen) : ""); + return str(n); +} + +/** + * Return true if a request is targeting a virtual host. + */ +const bool isVirtualHostRequest(const server_rec* s, const string& d, request_rec* r) { + const string rh = hostName(r); + return rh != hostName(s) && http::topDomain(rh) == d; } /** @@ -223,18 +240,25 @@ const list pathInfo(const list& p, request_rec* r) { - const string u = uri + path(p); - return ap_construct_url(r->pool, c_str(u), r); +const string url(const string& uri, request_rec* r) { + ostringstream n; + const string s = scheme(r); + const string h = hostName(r, "localhost"); + const int p = port(r, s == "https"? 443 : 80); + n << s << "://" << h; + if (!((s == "http" && p == 80) || (s == "https" && p == 443))) + n << ":" << p; + n << uri; + return str(n); } /** - * Convert a URI to an absolute URL. + * Convert a URI and a path to an absolute URL. */ -const string url(const string& uri, request_rec* r) { - return ap_construct_url(r->pool, c_str(uri), r); +const string url(const string& uri, const list& p, request_rec* r) { + return url(uri + path(p), r); } /** Modified: tuscany/sca-cpp/trunk/modules/http/open-auth-conf URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/modules/http/open-auth-conf?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/modules/http/open-auth-conf (original) +++ tuscany/sca-cpp/trunk/modules/http/open-auth-conf Sun Dec 18 20:19:11 2011 @@ -27,6 +27,13 @@ host=`echo $conf | awk '{ print $6 }'` pw=`cat $root/cert/ca.key | head -2 | tail -1` +# Disallow public access to server resources +cat >$root/conf/noauth.conf <>$root/conf/auth.conf < + +RequestHeader set X-Forwarded-HTTPS %{HTTPS}s +RequestHeader set X-Forwarded-Port %{SERVER_PORT}s + + EOF Modified: tuscany/sca-cpp/trunk/modules/http/proxy-member-conf URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/modules/http/proxy-member-conf?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/modules/http/proxy-member-conf (original) +++ tuscany/sca-cpp/trunk/modules/http/proxy-member-conf Sun Dec 18 20:19:11 2011 @@ -24,12 +24,17 @@ root=`echo "import os; print os.path.rea host=$2 port=`$here/httpd-addr port $3` +if [ "$port" = "80" ]; then + portsuffix="" +else + portsuffix=":$port" +fi cat >>$root/conf/vhost.conf < + +RequestHeader set X-Forwarded-HTTPS %{HTTPS}s +RequestHeader set X-Forwarded-Port %{SERVER_PORT}s + + EOF cat >>$root/conf/svhost-ssl.conf <>$root/conf/svhost-ssl.conf <>$root/conf/vhost-ssl.conf <>$root/conf/dvhost-ssl.conf <>$root/conf/vhost.conf <>$root/conf/vhost-ssl.conf < -Options FollowSymLinks -AuthType None -Require all granted - - EOF Modified: tuscany/sca-cpp/trunk/modules/http/vhost-ssl-conf URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/modules/http/vhost-ssl-conf?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/modules/http/vhost-ssl-conf (original) +++ tuscany/sca-cpp/trunk/modules/http/vhost-ssl-conf Sun Dec 18 20:19:11 2011 @@ -52,13 +52,5 @@ ServerAlias *.$host VirtualDocumentRoot $vroot/%1/$vhtdocs/ Include conf/dvhost-ssl.conf - -# Allow access to document root - -Options FollowSymLinks -AuthType None -Require all granted - - Modified: tuscany/sca-cpp/trunk/modules/oauth/mod-oauth1.cpp URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/modules/oauth/mod-oauth1.cpp?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/modules/oauth/mod-oauth1.cpp (original) +++ tuscany/sca-cpp/trunk/modules/oauth/mod-oauth1.cpp Sun Dec 18 20:19:11 2011 @@ -376,8 +376,8 @@ const failable access_token(const l return mkfailure(reason(prc)); // Send session ID to the client in a cookie - debug(c_str(openauth::cookie(sid, httpd::hostName(sc.server))), "modoauth1::access_token::setcookie"); - apr_table_set(r->err_headers_out, "Set-Cookie", c_str(openauth::cookie(sid, httpd::hostName(sc.server)))); + debug(c_str(openauth::cookie(sid, httpd::hostName(r))), "modoauth1::access_token::setcookie"); + apr_table_set(r->err_headers_out, "Set-Cookie", c_str(openauth::cookie(sid, httpd::hostName(r)))); return httpd::externalRedirect(httpd::url(r->uri, r), r); } Modified: tuscany/sca-cpp/trunk/modules/oauth/mod-oauth2.cpp URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/modules/oauth/mod-oauth2.cpp?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/modules/oauth/mod-oauth2.cpp (original) +++ tuscany/sca-cpp/trunk/modules/oauth/mod-oauth2.cpp Sun Dec 18 20:19:11 2011 @@ -231,8 +231,8 @@ const failable access_token(const l return mkfailure(reason(prc)); // Send session ID to the client in a cookie - debug(c_str(openauth::cookie(sid, httpd::hostName(sc.server))), "modoauth2::access_token::setcookie"); - apr_table_set(r->err_headers_out, "Set-Cookie", c_str(openauth::cookie(sid, httpd::hostName(sc.server)))); + debug(c_str(openauth::cookie(sid, httpd::hostName(r))), "modoauth2::access_token::setcookie"); + apr_table_set(r->err_headers_out, "Set-Cookie", c_str(openauth::cookie(sid, httpd::hostName(r)))); return httpd::externalRedirect(httpd::url(r->uri, r), r); } Modified: tuscany/sca-cpp/trunk/modules/oauth/oauth-conf URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/modules/oauth/oauth-conf?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/modules/oauth/oauth-conf (original) +++ tuscany/sca-cpp/trunk/modules/oauth/oauth-conf Sun Dec 18 20:19:11 2011 @@ -41,12 +41,14 @@ LoadModule mod_tuscany_oauth2 $here/libm EOF -cat >$root/cert/oauth-keys.conf <$root/conf/noauth.conf <>$root/conf/auth.conf <$root/cert/oauth-keys.conf <>$root/conf/auth.conf <$root/conf/noauth.conf <>$root/conf/modules.conf <>$root/conf/httpd.conf <>$root/conf/pubauth.conf < AuthType None Require all granted Modified: tuscany/sca-cpp/trunk/modules/openid/openid-step2-conf URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/modules/openid/openid-step2-conf?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/modules/openid/openid-step2-conf (original) +++ tuscany/sca-cpp/trunk/modules/openid/openid-step2-conf Sun Dec 18 20:19:11 2011 @@ -42,8 +42,8 @@ ForceType text/plain EOF -cat >>$root/conf/httpd.conf <>$root/conf/pubauth.conf < AuthType None Modified: tuscany/sca-cpp/trunk/modules/server/mod-eval.hpp URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/modules/server/mod-eval.hpp?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/modules/server/mod-eval.hpp (original) +++ tuscany/sca-cpp/trunk/modules/server/mod-eval.hpp Sun Dec 18 20:19:11 2011 @@ -56,10 +56,10 @@ namespace modeval { */ class ServerConf { public: - ServerConf(apr_pool_t* p, server_rec* s) : p(p), server(s), contributionPath(""), compositeName(""), virtualHostContributionPath(""), virtualHostCompositeName(""), ca(""), cert(""), key("") { + ServerConf(apr_pool_t* p, server_rec* s) : p(p), server(s), contributionPath(""), compositeName(""), virtualHostDomain(""), virtualHostContributionPath(""), virtualHostCompositeName(""), ca(""), cert(""), key("") { } - ServerConf(apr_pool_t* p, const ServerConf& ssc, const string& name) : p(p), server(ssc.server), lifecycle(ssc.lifecycle), contributionPath(ssc.virtualHostContributionPath + name + "/"), compositeName(ssc.virtualHostCompositeName), virtualHostContributionPath(""), virtualHostCompositeName(""), ca(ssc.ca), cert(ssc.cert), key(ssc.key) { + ServerConf(apr_pool_t* p, const ServerConf& ssc, const string& name) : p(p), server(ssc.server), lifecycle(ssc.lifecycle), contributionPath(ssc.virtualHostContributionPath + name + "/"), compositeName(ssc.virtualHostCompositeName), virtualHostDomain(""), virtualHostContributionPath(""), virtualHostCompositeName(""), ca(ssc.ca), cert(ssc.cert), key(ssc.key) { } const gc_pool p; @@ -67,6 +67,7 @@ public: lambda&)> lifecycle; string contributionPath; string compositeName; + string virtualHostDomain; string virtualHostContributionPath; string virtualHostCompositeName; string ca; @@ -84,6 +85,13 @@ const bool hasCompositeConf(const Server } /** + * Return true if a server contains a virtual host domain configuration. + */ +const bool hasVirtualDomainConf(const ServerConf& sc) { + return sc.virtualHostDomain != ""; +} + +/** * Return true if a server contains a virtual host composite configuration. */ const bool hasVirtualCompositeConf(const ServerConf& sc) { @@ -812,7 +820,7 @@ const int handleRequest(const ServerConf // Handle a request targeting a virtual host or virtual app if (hasVirtualCompositeConf(sc)) { - if (httpd::isVirtualHostRequest(sc.server, r)) { + if (hasVirtualDomainConf(sc) && httpd::isVirtualHostRequest(sc.server, sc.virtualHostDomain, r)) { ServerConf vsc(r->pool, sc, http::subDomain(httpd::hostName(r))); if (!hasContent(virtualHostConfig(vsc, sc, r))) return HTTP_INTERNAL_SERVER_ERROR; @@ -916,6 +924,7 @@ const int postConfigMerge(const ServerCo sc.lifecycle = mainsc.lifecycle; sc.contributionPath = mainsc.contributionPath; sc.compositeName = mainsc.compositeName; + sc.virtualHostDomain = mainsc.virtualHostDomain; sc.virtualHostContributionPath = mainsc.virtualHostContributionPath; sc.virtualHostCompositeName = mainsc.virtualHostCompositeName; if (sc.ca == "") sc.ca = mainsc.ca; @@ -1026,6 +1035,12 @@ const char* confComposite(cmd_parms *cmd sc.compositeName = arg; return NULL; } +const char* confVirtualDomain(cmd_parms *cmd, unused void *c, const char *arg) { + gc_scoped_pool pool(cmd->pool); + ServerConf& sc = httpd::serverConf(cmd, &mod_tuscany_eval); + sc.virtualHostDomain = arg; + return NULL; +} const char* confVirtualContribution(cmd_parms *cmd, unused void *c, const char *arg) { gc_scoped_pool pool(cmd->pool); ServerConf& sc = httpd::serverConf(cmd, &mod_tuscany_eval); @@ -1068,6 +1083,7 @@ const char* confEnv(unused cmd_parms *cm const command_rec commands[] = { AP_INIT_TAKE1("SCAContribution", (const char*(*)())confContribution, NULL, RSRC_CONF, "SCA contribution location"), AP_INIT_TAKE1("SCAComposite", (const char*(*)())confComposite, NULL, RSRC_CONF, "SCA composite location"), + AP_INIT_TAKE1("SCAVirtualDomain", (const char*(*)())confVirtualDomain, NULL, RSRC_CONF, "SCA virtual host domain"), AP_INIT_TAKE1("SCAVirtualContribution", (const char*(*)())confVirtualContribution, NULL, RSRC_CONF, "SCA virtual host contribution location"), AP_INIT_TAKE1("SCAVirtualComposite", (const char*(*)())confVirtualComposite, NULL, RSRC_CONF, "SCA virtual composite location"), AP_INIT_TAKE12("SCASetEnv", (const char*(*)())confEnv, NULL, OR_FILEINFO, "Environment variable name and optional value"), Modified: tuscany/sca-cpp/trunk/modules/server/mod-wiring.cpp URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/modules/server/mod-wiring.cpp?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/modules/server/mod-wiring.cpp (original) +++ tuscany/sca-cpp/trunk/modules/server/mod-wiring.cpp Sun Dec 18 20:19:11 2011 @@ -54,16 +54,17 @@ const bool useModProxy = true; */ class ServerConf { public: - ServerConf(apr_pool_t* p, server_rec* s) : p(p), server(s), contributionPath(""), compositeName(""), virtualHostContributionPath(""), virtualHostCompositeName("") { + ServerConf(apr_pool_t* p, server_rec* s) : p(p), server(s), contributionPath(""), compositeName(""), virtualHostDomain(""), virtualHostContributionPath(""), virtualHostCompositeName("") { } - ServerConf(apr_pool_t* p, const ServerConf& ssc, const string& name) : p(p), server(ssc.server), contributionPath(ssc.virtualHostContributionPath + name + "/"), compositeName(ssc.virtualHostCompositeName), virtualHostContributionPath(""), virtualHostCompositeName("") { + ServerConf(apr_pool_t* p, const ServerConf& ssc, const string& name) : p(p), server(ssc.server), contributionPath(ssc.virtualHostContributionPath + name + "/"), compositeName(ssc.virtualHostCompositeName), virtualHostDomain(""), virtualHostContributionPath(""), virtualHostCompositeName("") { } const gc_pool p; server_rec* server; string contributionPath; string compositeName; + string virtualHostDomain; string virtualHostContributionPath; string virtualHostCompositeName; list references; @@ -78,6 +79,13 @@ const bool hasCompositeConf(const Server } /** + * Return true if a server contains a virtual host domain configuration. + */ +const bool hasVirtualDomainConf(const ServerConf& sc) { + return sc.virtualHostDomain != ""; +} + +/** * Return true if a server contains a virtual host composite configuration. */ const bool hasVirtualCompositeConf(const ServerConf& sc) { @@ -304,8 +312,9 @@ const int translateRequest(const ServerC // If the request is targeting a virtual host, use the corresponding // virtual host configuration + const bool vdc = hasVirtualDomainConf(sc); const bool vcc = hasVirtualCompositeConf(sc); - if (vcc && httpd::isVirtualHostRequest(sc.server, r)) { + if (vdc && vcc && httpd::isVirtualHostRequest(sc.server, sc.virtualHostDomain, r)) { ServerConf vsc(r->pool, sc, http::subDomain(httpd::hostName(r))); if (!hasContent(virtualHostConfig(vsc, sc, r))) return HTTP_INTERNAL_SERVER_ERROR; @@ -409,6 +418,7 @@ const int postConfigMerge(const ServerCo ServerConf& sc = httpd::serverConf(s, &mod_tuscany_wiring); sc.contributionPath = mainsc.contributionPath; sc.compositeName = mainsc.compositeName; + sc.virtualHostDomain = mainsc.virtualHostDomain; sc.virtualHostContributionPath = mainsc.virtualHostContributionPath; sc.virtualHostCompositeName = mainsc.virtualHostCompositeName; sc.references = mainsc.references; @@ -462,6 +472,12 @@ const char *confComposite(cmd_parms *cmd sc.compositeName = arg; return NULL; } +const char *confVirtualDomain(cmd_parms *cmd, unused void *c, const char *arg) { + gc_scoped_pool pool(cmd->pool); + ServerConf& sc = httpd::serverConf(cmd, &mod_tuscany_wiring); + sc.virtualHostDomain = arg; + return NULL; +} const char *confVirtualContribution(cmd_parms *cmd, unused void *c, const char *arg) { gc_scoped_pool pool(cmd->pool); ServerConf& sc = httpd::serverConf(cmd, &mod_tuscany_wiring); @@ -481,6 +497,7 @@ const char *confVirtualComposite(cmd_par const command_rec commands[] = { AP_INIT_TAKE1("SCAContribution", (const char*(*)())confContribution, NULL, RSRC_CONF, "SCA contribution location"), AP_INIT_TAKE1("SCAComposite", (const char*(*)())confComposite, NULL, RSRC_CONF, "SCA composite location"), + AP_INIT_TAKE1("SCAVirtualDomain", (const char*(*)())confVirtualDomain, NULL, RSRC_CONF, "SCA virtual host domain"), AP_INIT_TAKE1("SCAVirtualContribution", (const char*(*)())confVirtualContribution, NULL, RSRC_CONF, "SCA virtual host contribution location"), AP_INIT_TAKE1("SCAVirtualComposite", (const char*(*)())confVirtualComposite, NULL, RSRC_CONF, "SCA virtual host composite location"), {NULL, NULL, NULL, 0, NO_ARGS, NULL} Modified: tuscany/sca-cpp/trunk/modules/server/server-conf URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/modules/server/server-conf?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/modules/server/server-conf (original) +++ tuscany/sca-cpp/trunk/modules/server/server-conf Sun Dec 18 20:19:11 2011 @@ -54,6 +54,10 @@ Alias /scdl.js $jsprefix/htdocs/scdl.js Alias /all.js $jsprefix/htdocs/all.js Alias /all-min.js $jsprefix/htdocs/all-min.js +EOF + +cat >>$root/conf/pubauth.conf < AuthType None Require all granted Modified: tuscany/sca-cpp/trunk/samples/store-cluster/server-conf URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/samples/store-cluster/server-conf?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/samples/store-cluster/server-conf (original) +++ tuscany/sca-cpp/trunk/samples/store-cluster/server-conf Sun Dec 18 20:19:11 2011 @@ -34,6 +34,7 @@ SCAContribution `pwd`/shared/ SCAComposite shared.composite # Configure SCA Composite for mass dynamic virtual hosting +SCAVirtualDomain sca-store.com SCAVirtualContribution `pwd`/domains/ SCAVirtualComposite store.composite Modified: tuscany/sca-cpp/trunk/samples/store-cluster/server-ssl-conf URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/samples/store-cluster/server-ssl-conf?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/samples/store-cluster/server-ssl-conf (original) +++ tuscany/sca-cpp/trunk/samples/store-cluster/server-ssl-conf Sun Dec 18 20:19:11 2011 @@ -52,6 +52,7 @@ SCAContribution `pwd`/shared/ SCAComposite shared.composite # Configure SCA Composite for mass dynamic virtual hosting +SCAVirtualDomain sca-store.com SCAVirtualContribution `pwd`/domains/ SCAVirtualComposite store.composite Modified: tuscany/sca-cpp/trunk/samples/store-vhost/ssl-start URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/samples/store-vhost/ssl-start?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/samples/store-vhost/ssl-start (original) +++ tuscany/sca-cpp/trunk/samples/store-vhost/ssl-start Sun Dec 18 20:19:11 2011 @@ -38,6 +38,7 @@ SCAContribution `pwd`/shared/ SCAComposite shared.composite # Configure SCA Composite for mass dynamic virtual Hosting +SCAVirtualDomain sca-store.com SCAVirtualContribution `pwd`/domains/ SCAVirtualComposite store.composite Modified: tuscany/sca-cpp/trunk/samples/store-vhost/start URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/samples/store-vhost/start?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/samples/store-vhost/start (original) +++ tuscany/sca-cpp/trunk/samples/store-vhost/start Sun Dec 18 20:19:11 2011 @@ -28,6 +28,7 @@ SCAContribution `pwd`/shared/ SCAComposite shared.composite # Configure SCA Composite for mass dynamic virtual hosting +SCAVirtualDomain sca-store.com SCAVirtualContribution `pwd`/domains/ SCAVirtualComposite store.composite Modified: tuscany/sca-cpp/trunk/samples/store-vhost/uec2-start URL: http://svn.apache.org/viewvc/tuscany/sca-cpp/trunk/samples/store-vhost/uec2-start?rev=1220526&r1=1220525&r2=1220526&view=diff ============================================================================== --- tuscany/sca-cpp/trunk/samples/store-vhost/uec2-start (original) +++ tuscany/sca-cpp/trunk/samples/store-vhost/uec2-start Sun Dec 18 20:19:11 2011 @@ -41,6 +41,7 @@ sudo ../../ubuntu/ip-redirect-all 443 84 ../../modules/python/python-conf tmp cat >>tmp/conf/httpd.conf <