On May 24, 2010, at 10:46 AM, Brandon Bensel wrote:
>
> Hello,
>
> In Apache 2.2 on RHEL5, Satisfy Any does not behave as expected with Cosign
> (3.1.1), rejecting anyone who doesn't match the Allow clause. Specifically,
> cosign_authn sees a NULL user and rejects it. Simply bumping up the
> priority of the Cosign hooks (see below) makes it behave as expected.
What's your Allow directive?
andrew
> Light testing shows no problems, as I'd expect from changing a few handler
> priorities, but I don't know the system well enough to know if there could
> be any other consequences.
>
> Thanks,
>
> Brandon
>
> --- cosign-3.1.1/filters/apache2/mod_cosign.c 2010-01-06 00:52:43.000000000
> -0500
> +++ cosign-modified/filters/apache2/mod_cosign.c 2010-05-24
> 10:08:55.000000000 -0400
> @@ -1208,9 +1208,9 @@
> static const char * const other_mods[] = { "mod_access.c", NULL };
>
> ap_hook_post_config( cosign_init, NULL, NULL, APR_HOOK_MIDDLE );
> - ap_hook_handler( cosign_handler, NULL, NULL, APR_HOOK_MIDDLE );
> - ap_hook_access_checker( cosign_auth, NULL, other_mods, APR_HOOK_MIDDLE
> );
> - ap_hook_check_user_id( cosign_authn, NULL, NULL, APR_HOOK_MIDDLE );
> + ap_hook_handler( cosign_handler, NULL, NULL, APR_HOOK_FIRST );
> + ap_hook_access_checker( cosign_auth, NULL, other_mods, APR_HOOK_FIRST
> );
> + ap_hook_check_user_id( cosign_authn, NULL, NULL, APR_HOOK_FIRST );
> }
>
> /* Our actual module structure */
>
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> Cosign-discuss mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/cosign-discuss
>
> !DSPAM:4bfa9611284911903312405!
>
>
>
------------------------------------------------------------------------------
_______________________________________________
Cosign-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
