Hello,
In Apache 2.2 on RHEL5, Satisfy Any does not behave as expected with Cosign
(3.1.1), rejecting anyone who doesn't match the Allow clause. Specifically,
cosign_authn sees a NULL user and rejects it. Simply bumping up the
priority of the Cosign hooks (see below) makes it behave as expected.
Light testing shows no problems, as I'd expect from changing a few handler
priorities, but I don't know the system well enough to know if there could
be any other consequences.
Thanks,
Brandon
--- cosign-3.1.1/filters/apache2/mod_cosign.c 2010-01-06 00:52:43.000000000
-0500
+++ cosign-modified/filters/apache2/mod_cosign.c 2010-05-24
10:08:55.000000000 -0400
@@ -1208,9 +1208,9 @@
static const char * const other_mods[] = { "mod_access.c", NULL };
ap_hook_post_config( cosign_init, NULL, NULL, APR_HOOK_MIDDLE );
- ap_hook_handler( cosign_handler, NULL, NULL, APR_HOOK_MIDDLE );
- ap_hook_access_checker( cosign_auth, NULL, other_mods, APR_HOOK_MIDDLE
);
- ap_hook_check_user_id( cosign_authn, NULL, NULL, APR_HOOK_MIDDLE );
+ ap_hook_handler( cosign_handler, NULL, NULL, APR_HOOK_FIRST );
+ ap_hook_access_checker( cosign_auth, NULL, other_mods, APR_HOOK_FIRST
);
+ ap_hook_check_user_id( cosign_authn, NULL, NULL, APR_HOOK_FIRST );
}
/* Our actual module structure */
------------------------------------------------------------------------------
_______________________________________________
Cosign-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
