diff options
-rw-r--r-- | README | 11 | ||||
-rw-r--r-- | auth_mellon.h | 2 | ||||
-rw-r--r-- | auth_mellon_config.c | 27 | ||||
-rw-r--r-- | auth_mellon_cookie.c | 17 |
4 files changed, 53 insertions, 4 deletions
@@ -186,6 +186,17 @@ MellonPostCount 100 # Default: Off MellonSecureCookie On + # MellonCookieDomain allows to specify of the cookie which auth_mellon + # will set. + # Default: the domain for the received request (the Host: header if + # present, of the ServerName of the VirtualHost declaration, or if + # absent a reverse resolution on the local IP) + # MellonCookieDomain example.com + + # MellonCookiePath is the path of the cookie which auth_mellon will set. + # Default: / + MellonCookiePath / + # MellonUser selects which attribute we should use for the username. # The username is passed on to other apache modules and to the web # page the user visits. NAME_ID is an attribute which we set to diff --git a/auth_mellon.h b/auth_mellon.h index af7a74d..452fdea 100644 --- a/auth_mellon.h +++ b/auth_mellon.h @@ -163,6 +163,8 @@ typedef struct am_dir_cfg_rec { const char *varname; int secure; + const char *cookie_domain; + const char *cookie_path; apr_array_header_t *cond; apr_hash_t *envattr; const char *userattr; diff --git a/auth_mellon_config.c b/auth_mellon_config.c index 52e80b2..2056e0a 100644 --- a/auth_mellon_config.c +++ b/auth_mellon_config.c @@ -817,6 +817,22 @@ const command_rec auth_mellon_commands[] = { " secure flags set. Default is off." ), AP_INIT_TAKE1( + "MellonCookieDomain", + ap_set_string_slot, + (void *)APR_OFFSETOF(am_dir_cfg_rec, cookie_domain), + OR_AUTHCFG, + "The domain of the cookie which auth_mellon will set. Defaults to" + " the domain of the current request." + ), + AP_INIT_TAKE1( + "MellonCookiePath", + ap_set_string_slot, + (void *)APR_OFFSETOF(am_dir_cfg_rec, cookie_path), + OR_AUTHCFG, + "The path of the cookie which auth_mellon will set. Defaults to" + " '/'." + ), + AP_INIT_TAKE1( "MellonUser", ap_set_string_slot, (void *)APR_OFFSETOF(am_dir_cfg_rec, userattr), @@ -1051,6 +1067,8 @@ void *auth_mellon_dir_config(apr_pool_t *p, char *d) dir->varname = default_cookie_name; dir->secure = default_secure_cookie; dir->cond = apr_array_make(p, 0, sizeof(am_cond_t)); + dir->cookie_domain = NULL; + dir->cookie_path = NULL; dir->envattr = apr_hash_make(p); dir->userattr = default_user_attribute; dir->idpattr = NULL; @@ -1123,11 +1141,18 @@ void *auth_mellon_dir_merge(apr_pool_t *p, void *base, void *add) add_cfg->varname : base_cfg->varname); - + new_cfg->secure = (add_cfg->secure != default_secure_cookie ? add_cfg->secure : base_cfg->secure); + new_cfg->cookie_domain = (add_cfg->cookie_domain != NULL ? + add_cfg->cookie_domain : + base_cfg->cookie_domain); + + new_cfg->cookie_path = (add_cfg->cookie_path != NULL ? + add_cfg->cookie_path : + base_cfg->cookie_path); new_cfg->cond = apr_array_copy(p, (!apr_is_empty_array(add_cfg->cond)) ? diff --git a/auth_mellon_cookie.c b/auth_mellon_cookie.c index b7453ad..b321651 100644 --- a/auth_mellon_cookie.c +++ b/auth_mellon_cookie.c @@ -141,16 +141,27 @@ void am_cookie_set(request_rec *r, const char *id) const char *name; char *cookie; int secure_cookie; + const char *cookie_domain = ap_get_server_name(r); + const char *cookie_path = "/"; + am_dir_cfg_rec *cfg = am_get_dir_cfg(r); if (id == NULL) return; - secure_cookie = ((am_dir_cfg_rec *)am_get_dir_cfg(r))->secure; + if (cfg->cookie_domain) { + cookie_domain = cfg->cookie_domain; + } + + if (cfg->cookie_path) { + cookie_path = cfg->cookie_path; + } + + secure_cookie = cfg->secure; name = am_cookie_name(r); cookie = apr_psprintf(r->pool, - "%s=%s; Version=1; Path=/; Domain=%s%s;", - name, id, r->server->server_hostname, + "%s=%s; Version=1; Path=%s; Domain=%s%s;", + name, id, cookie_path, cookie_domain, secure_cookie ? "; HttpOnly; secure" : ""); ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, "cookie_set: %s", cookie); |