git.evergreen-ils.org Git - Evergreen.git/commit

author	Galen Charlton <gmc@esilibrary.com>
	Thu, 30 Apr 2015 18:07:14 +0000 (11:07 -0700)
committer	Bill Erickson <berickxx@gmail.com>
	Fri, 1 May 2015 20:17:31 +0000 (16:17 -0400)
commit	bb112c5a108bc7208fe321f7af6e2c524a91dd74
tree	efab95162a4537ec7b1d5b02cf9f717f8381b5b7	tree
parent	5caea30d5de003edeaed7133fed88752b8724e2d	commit \| diff

LP#1449283: fix auth when running under Apache 2.4

When running under Apache 2.4 using the stock configuration
derived from apache_24/eg_vhost.conf.in, protected
URLs such as https://eghost/reporter/ that are meant to
require valid EG staff credentials were not in fact
requiring authentication.

This patch does the following to fix this:

[1] Removes several uses of "Require all granted" that
    was causing authentication to be ignored.
[2] Changes OpenILS::WWW::Proxy::Authen so that it always
    sets the username in the Apache request object if
    authentication was successful; it appears that starting
    with Apache 2.4, authentication handlers must ensure
    that a user name is set for a "Require valid-user"
    directive to work.

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Jason Stephenson <jstephenson@mvlc.org>
Signed-off-by: Bill Erickson <berickxx@gmail.com>

Open-ILS/examples/apache_24/eg_vhost.conf.in		diff \| blob \| history
Open-ILS/src/perlmods/lib/OpenILS/WWW/Proxy/Authen.pm		diff \| blob \| history