diff options
| author | Jan Pazdziora <jpazdziora@redhat.com> | 2013-11-05 12:46:06 +0800 |
|---|---|---|
| committer | Jan Pazdziora <jpazdziora@redhat.com> | 2013-11-07 08:04:30 +0800 |
| commit | 23a9139dcfadd4dc575e5d963df3e8b884eeb672 (patch) | |
| tree | d15de6d33a1cdc716eb7094c8888cdd6ea8107e4 | |
| parent | 03078d56896b6fb17149f7f162e5049fc281c8a8 (diff) | |
| download | mod_intercept_form_submit-23a9139dcfadd4dc575e5d963df3e8b884eeb672.tar.gz mod_intercept_form_submit-23a9139dcfadd4dc575e5d963df3e8b884eeb672.tar.xz mod_intercept_form_submit-23a9139dcfadd4dc575e5d963df3e8b884eeb672.zip | |
If REMOTE_USER is already set (presumably by previous module), skip.
| -rw-r--r-- | README | 4 | ||||
| -rw-r--r-- | mod_intercept_form_submit.c | 7 |
2 files changed, 9 insertions, 2 deletions
@@ -5,7 +5,9 @@ Apache module mod_intercept_form_submit Apache module to intercept submission of application login forms. It retrieves the login and password information from the POST HTTP request, runs PAM authentication with those credentials, and sets the -REMOTE_USER environment variable if the authentication passes. +REMOTE_USER environment variable if the authentication passes. If the +REMOTE_USER is already set (presumably by some previous module), no +authentication takes place. Module configuration -------------------- diff --git a/mod_intercept_form_submit.c b/mod_intercept_form_submit.c index bdbf69b..1445020 100644 --- a/mod_intercept_form_submit.c +++ b/mod_intercept_form_submit.c @@ -77,6 +77,7 @@ int pam_authenticate_conv(int num_msg, const struct pam_message ** msg, struct p return PAM_SUCCESS; } +#define _REMOTE_USER_ENV_NAME "REMOTE_USER" int pam_authenticate_with_login_password(request_rec * r, const char * pam_service, const char * login, const char * password) { pam_handle_t * pamh = NULL; struct pam_conv pam_conversation = { &pam_authenticate_conv, (void *) password }; @@ -93,7 +94,7 @@ int pam_authenticate_with_login_password(request_rec * r, const char * pam_servi pam_end(pamh, ret); return 0; } - apr_table_setn(r->subprocess_env, "REMOTE_USER", login); + apr_table_setn(r->subprocess_env, _REMOTE_USER_ENV_NAME, login); ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, r->server, "mod_intercept_form_submit: PAM authentication passed for user %s", login); pam_end(pamh, ret); return 1; @@ -314,6 +315,10 @@ void intercept_form_submit_init(request_rec * r) { ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, "mod_intercept_form_submit: skipping, not configured"); return; } + if (apr_table_get(r->subprocess_env, _REMOTE_USER_ENV_NAME)) { + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, "mod_intercept_form_submit: skipping, " _REMOTE_USER_ENV_NAME " already set"); + return; + } const char * content_type = apr_table_get(r->headers_in, "Content-Type"); if (content_type && !apr_strnatcasecmp(content_type, _INTERCEPT_CONTENT_TYPE)) { ap_filter_t * the_filter = ap_add_input_filter("intercept_form_submit_filter", NULL, r, r->connection); |