diff options
| author | Jan Pazdziora <jpazdziora@redhat.com> | 2022-01-23 09:04:21 +0100 |
|---|---|---|
| committer | Jan Pazdziora <jpazdziora@redhat.com> | 2022-01-23 09:52:22 +0100 |
| commit | 3575243b49923894bea86f74f5c4ae31793b8479 (patch) | |
| tree | 65c976d1a53f2a330571779d8c56a0155c8d9f8d /tests | |
| parent | 79170d640088d972e0853269715ef419038b8b4c (diff) | |
| download | mod_authnz_pam-3575243b49923894bea86f74f5c4ae31793b8479.tar.gz mod_authnz_pam-3575243b49923894bea86f74f5c4ae31793b8479.tar.xz mod_authnz_pam-3575243b49923894bea86f74f5c4ae31793b8479.zip | |
Change default redirect status for AuthPAMExpiredRedirect to 303 See Other, make it configurable.
Redirect to reset password typically goes to different system,
so repeating for example POST which 307 Temporary Redirect does
is not that useful; the 303 See Other will do plain GET.
The redirect status can be overriden with an optional second parameter
to AuthPAMExpiredRedirect.
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/auth.conf | 10 | ||||
| -rwxr-xr-x | tests/run.sh | 3 |
2 files changed, 12 insertions, 1 deletions
diff --git a/tests/auth.conf b/tests/auth.conf index 2ee519e..c728d91 100644 --- a/tests/auth.conf +++ b/tests/auth.conf @@ -54,3 +54,13 @@ ScriptAlias /authnp4 /var/www/cgi-bin/auth.cgi AuthPAMExpiredRedirect http://localhost/fix-password?return=%s&percent=%%&user=%u Require pam-account webl </LocationMatch> + +ScriptAlias /authnp5 /var/www/cgi-bin/auth.cgi +<LocationMatch ^/authnp5> + AuthType Basic + AuthName "private area" + AuthBasicProvider PAM + AuthPAMService webl + AuthPAMExpiredRedirect http://localhost/login?realm=ježek&return=%s 307 + Require pam-account webl +</LocationMatch> diff --git a/tests/run.sh b/tests/run.sh index 28235f8..3b24f9b 100755 --- a/tests/run.sh +++ b/tests/run.sh @@ -55,7 +55,8 @@ curl -u user1:heslo1 -s http://localhost/authnp3 | tee /dev/stderr | grep 'User curl -u user1:heslo1 -s http://localhost/authnp4 | tee /dev/stderr | grep 'User user1' chage -d $(date -d -2days +%Y-%m-%d) -M 1 user1 curl -u user1:heslo1 -s http://localhost/authnp3 | tee /dev/stderr | grep 401 -curl -i -u user1:heslo1 -s 'http://localhost/authnp4?id=123&data=M%26M' | tee /dev/stderr | grep -F -e 'Location: http://localhost/fix-password?return=http%3a%2f%2flocalhost%2fauthnp4%3fid%3d123%26data%3dM%2526M&percent=%25&user=user1' -e 'HTTP/1.1 307 Temporary Redirect' | wc -l | grep 2 +curl -i -u user1:heslo1 -s 'http://localhost/authnp4?id=123&data=M%26M' | tee /dev/stderr | grep -F -e 'Location: http://localhost/fix-password?return=http%3a%2f%2flocalhost%2fauthnp4%3fid%3d123%26data%3dM%2526M&percent=%25&user=user1' -e 'HTTP/1.1 303 See Other' | wc -l | grep 2 +curl -i -u user1:heslo1 -s 'http://localhost/authnp5?data=křížala' | tee /dev/stderr | grep -F -e 'Location: http://localhost/login?realm=ježek&return=http%3a%2f%2flocalhost%2fauthnp5%3fdata%3dk%c5%99%c3%ad%c5%beala' -e 'HTTP/1.1 307 Temporary Redirect' | wc -l | grep 2 chage -d $(date -d -2days +%Y-%m-%d) -M 3 user1 curl -u user1:heslo1 -s http://localhost/authnp3 | tee /dev/stderr | grep 'User user1' curl -u user1:heslo1 -s http://localhost/authnp4 | tee /dev/stderr | grep 'User user1' |