old-git.evergreen-ils.org Git - working/Evergreen.git/commit

author	Galen Charlton <gmc@esilibrary.com>
	Thu, 30 Apr 2015 18:07:14 +0000 (11:07 -0700)
committer	Bill Erickson <berickxx@gmail.com>
	Fri, 1 May 2015 20:15:34 +0000 (16:15 -0400)
commit	cd4438a812041664a7d3f11993a902d98e8f8acf
tree	81b4ef37b6114118ddc6e440f4c01dc3e5f17d29	tree
parent	ab23f660bdd18d52e31367b66744410cdf321744	commit \| diff

LP#1449283: fix auth when running under Apache 2.4

When running under Apache 2.4 using the stock configuration
derived from apache_24/eg_vhost.conf.in, protected
URLs such as https://eghost/reporter/ that are meant to
require valid EG staff credentials were not in fact
requiring authentication.

This patch does the following to fix this:

[1] Removes several uses of "Require all granted" that
    was causing authentication to be ignored.
[2] Changes OpenILS::WWW::Proxy::Authen so that it always
    sets the username in the Apache request object if
    authentication was successful; it appears that starting
    with Apache 2.4, authentication handlers must ensure
    that a user name is set for a "Require valid-user"
    directive to work.

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Jason Stephenson <jstephenson@mvlc.org>
Signed-off-by: Bill Erickson <berickxx@gmail.com>

Open-ILS/examples/apache_24/eg_vhost.conf.in		diff \| blob \| history
Open-ILS/src/perlmods/lib/OpenILS/WWW/Proxy/Authen.pm		diff \| blob \| history