'c' code in mod_auth seems to work similar as the perl code below.
----- snip -----
for (x = 0; x < reqs_arr->nelts; x++) {
if (!(reqs[x].method_mask & (1 << m)))
continue;
method_restricted = 1;
t = reqs[x].requirement;
w = ap_getword_white(r->pool, &t);
if (!strcmp(w, "valid-user"))
return OK;
if (!strcmp(w, "user")) {
while (t[0]) {
w = ap_getword_conf(r->pool, &t);
if (!strcmp(user, w))
return OK;
}
}
else if (!strcmp(w, "group")) {
if (!grpstatus)
return DECLINED; /* DBM group? Something else? */
while (t[0]) {
w = ap_getword_conf(r->pool, &t);
if (ap_table_get(grpstatus, w))
return OK;
}
} else if (sec->auth_authoritative) {
/* if we aren't authoritative, any require directive could be
* valid even if we don't grok it. However, if we are
* authoritative, we can warn the user they did something wrong.
* That something could be a missing "AuthAuthoritative off", but
* more likely is a typo in the require directive.
*/
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
"access to %s failed, reason: unknown require directive:"
"\"%s\"", r->uri, reqs[x].requirement);
}
}
if (!method_restricted)
return OK;
if (!(sec->auth_authoritative))
return DECLINED;
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
"access to %s failed, reason: user %s not allowed access",
r->uri, user);
ap_note_basic_auth_failure(r);
return AUTH_REQUIRED;
}
----- snip -----
cliff rayman
genwax.com
Ken Williams wrote:
> Hi,
>
> I'm looking at the AuthCookie code, getting ready to release a new version to
> CPAN. It looks to me like currently only the first 'require' directive will be
> processed and obeyed. Here's the code from the old authz():
>
> ************************************************************
> foreach $reqs (@$reqs_arr) {
> ($requirement, $args) = split /\s+/, $reqs->{requirement}, 2;
> $args = "" unless defined $args;
> $r->log_error("requirement := $requirement, $args") if ($debug >= 2);
>
> if ($requirement eq "valid-user") {
> return OK;
> } elsif ($requirement eq "user") {
> return OK if ($args =~ m/\b$user\b/);
> } else {
> my $ret_val = $auth_type->$requirement($r, $args);
> $r->log_error("$auth_type->$requirement returned $ret_val")
> if $debug >= 3;
> return OK if $ret_val == OK;
> }
> $restricted++;
> }
>
> return OK unless $restricted;
> return FORBIDDEN;
> ************************************************************
>
> Is anyone actually using this with multiple "require' directives? Or would
> anyone like to?
>
> ------------------- -------------------
> Ken Williams Last Bastion of Euclidity
> [EMAIL PROTECTED] The Math Forum
