Set the r->user as well (will show up in access_log).

2 files changed, 5 insertions, 2 deletions

diff --git a/README b/README
index 1334e13..effcdf2 100644
--- a/README
+++ b/README
@@ -5,7 +5,9 @@ Apache module mod_intercept_form_submit
 Apache module to intercept submission of application login forms. It
 retrieves the login and password information from the POST HTTP
 request, runs PAM authentication with those credentials, and sets the
-REMOTE_USER environment variable if the authentication passes. If the
+REMOTE_USER environment variable if the authentication passes. The
+internal r->user field is also set so other modules can use it (even
+if the module is invoked very late in the request processing). If the
 REMOTE_USER is already set (presumably by some previous module), no
 authentication takes place.
 
diff --git a/mod_intercept_form_submit.c b/mod_intercept_form_submit.c
index 8e37696..a0a6b00 100644
--- a/mod_intercept_form_submit.c
+++ b/mod_intercept_form_submit.c
@@ -78,7 +78,7 @@ int pam_authenticate_conv(int num_msg, const struct pam_message ** msg, struct p
 }
 
 #define _REMOTE_USER_ENV_NAME "REMOTE_USER"
-int pam_authenticate_with_login_password(request_rec * r, const char * pam_service, const char * login, const char * password) {
+int pam_authenticate_with_login_password(request_rec * r, const char * pam_service, char * login, const char * password) {
 	pam_handle_t * pamh = NULL;
 	struct pam_conv pam_conversation = { &pam_authenticate_conv, (void *) password };
 	int ret;
@@ -95,6 +95,7 @@ int pam_authenticate_with_login_password(request_rec * r, const char * pam_servi
 		return 0;
 	}
 	apr_table_setn(r->subprocess_env, _REMOTE_USER_ENV_NAME, login);
+	r->user = login;
 	ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, r->server, "mod_intercept_form_submit: PAM authentication passed for user %s", login);
 	pam_end(pamh, ret);
 	return 1;