December 2002
Intermediate to advanced
588 pages
25h 57m
English
Content preview from Apache: The Definitive Guide, 3rd EditionBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Name
Check Auth
Synopsis
int
module_check_auth(request_rec *pReq)
This hook is called to check whether the authenticated user (found in
pReq->connection->user) is permitted to
access the current URL. It normally uses the per-directory
configuration (remembering that this is actually the combined
directory, location, and file configuration) to determine this. It
must return OK, DECLINED, or a
status code. Again, the usual status to return is
HTTP_UNAUTHORIZED if access is denied, thus giving
the user a chance to present new credentials. Modules are polled
until one returns something other than DECLINED.
Again, the natural example to use is from mod_auth.c, as shown in Example 21-19.
Example
Example 21-19. mod_auth.c
int check_user_access (request_rec *r) { auth_config_rec *sec = (auth_config_rec *)ap_get_module_config (r->per_dir_config, &auth_module); char *user = r->connection->user; int m = r->method_number; int method_restricted = 0; register int x; char *t, *w; table *grpstatus; array_header *reqs_arr = requires (r); require_line *reqs; if (!reqs_arr) return (OK); reqs = (require_line *)reqs_arr->elts; if(sec->auth_grpfile) grpstatus = groups_for_user (r->pool, user, sec->auth_grpfile); else grpstatus = NULL; for(x=0; x < reqs_arr->nelts; x++) { if (! (reqs[x].method_mask & (1 << m))) continue; method_restricted = 1; t = reqs[x].requirement; w = getword(r->pool, &t, ' '); if(!strcmp(w,"valid-user")) return OK; if(!strcmp(w,"user")) { while(t[0]) { w = getword_conf (r->pool, &t); ...