[users] login form

[Tim Daley <tim.daley@xxxxxxx>]

I am struggling with getting a login form working. I am attempting to do it pretty much all in html/httpd2.4. It looks like this method ought to work. service httpd24-httpd configtest shows no errors.

Here are my login pages:

[root@ulcloud01 html]# cat login.html

<html>

<head><TITLE>Login Page</TITLE></head>

<body>

<div style="width:220px;padding:10px;border:5px solid gray;margin:10px;">

       <form method="POST">

               UserName: <input type="text" name="httpd_username"

                       value="" autofocus="autofocus" style="float:right"/>

               <br>

               <br>

               Password: <input type=password name="httpd_password"

                       value="" style="float:right"/>

               <br>

               <br>

               <center>

                       <input type="submit" name="login" value="Login"/>

               </center>

       </form>

</div>

<a href="" out</a>

</body>

</html>

[root@ulcloud01 html]# cat dologin.html

<html>

<body>

dologin

<br>

</body>

</html>

[root@ulcloud01 html]# cat success.html

<html>

<body>

Login Success

<br>

</body>

</html>

[root@ulcloud01 html]# cat failure.html

<html>

<head><TITLE>Login Failure</TITLE></head>

<body>

<div style="width:220px;padding:10px;border:5px solid gray;margin:10px;">

       <form method="POST" action="">

               UserName: <input type="text" name="httpd_username"

                       value="" autofocus="autofocus" style="float:right"/>

               <br>

               <br>

               Password: <input type=password name="httpd_password"

                       value="" style="float:right"/>

               <br>

               <br>

               <center>

                       <input type="submit" name="login" value="Login"/>

               </center>

       </form>

</div>

</body>

</html>

[root@ulcloud01 html]#

My httpd;conf is pretty basic. I've added a cloud.conf as follows:

[root@ulcloud01 conf.d]# cat cloud.conf

<VirtualHost *:80>

ServerName ulcloud01.ccci.org

RewriteEngine On

RewriteCond %{HTTPS} !=on

RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

</VirtualHost>

<VirtualHost _default_:443>

ServerName ulcloud01.ccci.org

DocumentRoot /opt/rh/httpd24/root/var/www/html

Session On

SessionEnv On

SessionCookieName session path=/

SessionHeader X-Replace-Session

SessionCryptoPassphrase secret

SSLEngine On

</VirtualHost>

<Location /dologin.html>

SetHandler form-login-handler

SetHandler form-logout-handler

AuthFormAuthoritative off

       AuthFormLoginRequiredLocation /login.html

       AuthFormLoginSuccessLocation /success.html

       AuthFormLogoutLocation /loggedout.html

ErrorDocument 401 /failure.html

AuthFormProvider file

AuthUserFile conf/passwd

AuthType form

AuthName realm

AuthFormBody httpd_body

AuthFormDisableNoStore Off

AuthFormFakeBasicAuth Off

AuthFormLocation httpd_location

AuthFormMethod httpd_method

AuthFormMimetype httpd_mimetype

AuthFormUsername httpd_username

AuthFormPassword httpd_password

AuthFormSize 8192

Session On

SessionCookieName session path=/

SessionCryptoPassphrase none

SSLRequireSSL

</Location>

SSLSessionCache shmcb:/etc/apache2/path/ssl_scache(512000)

SSLRandomSeed startup builtin

SSLRandomSeed connect builtin

SSLCertificateFile /opt/rh/httpd24/root/etc/httpd/ssl/apache.crt

SSLCertificateKeyFile /opt/rh/httpd24/root/etc/httpd/ssl/apache.key

[root@ulcloud01 conf.d]#

If I go to https://ulcloud01.ccci.org/login.html and enter an either a valid or invalid userid/password combination and click logout, the result is the same. The login.html page is redisplayed. Here's the error_log:

\[Mon Jun 09 14:41:17.864869 2014] [core:trace5] [pid 4356] protocol.c(618): [client 10.10.92.13:55231] Request received from client: POST /login.html HTTP/1.1

[Mon Jun 09 14:41:17.864978 2014] [http:trace4] [pid 4356] http_request.c(301): [client 10.10.92.13:55231] Headers received from client:, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865004 2014] [http:trace4] [pid 4356] http_request.c(305): [client 10.10.92.13:55231]   Host: ulcloud01.ccci.org, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865039 2014] [http:trace4] [pid 4356] http_request.c(305): [client 10.10.92.13:55231]   User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:29.0) Gecko/20100101 Firefox/29.0, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865058 2014] [http:trace4] [pid 4356] http_request.c(305): [client 10.10.92.13:55231]   Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865079 2014] [http:trace4] [pid 4356] http_request.c(305): [client 10.10.92.13:55231]   Accept-Language: en-US,en;q=0.5, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865097 2014] [http:trace4] [pid 4356] http_request.c(305): [client 10.10.92.13:55231]   Accept-Encoding: gzip, deflate, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865114 2014] [http:trace4] [pid 4356] http_request.c(305): [client 10.10.92.13:55231]   Referer: https://ulcloud01.ccci.org/login.html, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865131 2014] [http:trace4] [pid 4356] http_request.c(305): [client 10.10.92.13:55231]   Connection: keep-alive, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865147 2014] [http:trace4] [pid 4356] http_request.c(305): [client 10.10.92.13:55231]   Content-Type: application/x-www-form-urlencoded, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865164 2014] [http:trace4] [pid 4356] http_request.c(305): [client 10.10.92.13:55231]   Content-Length: 65, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865374 2014] [authz_core:debug] [pid 4356] mod_authz_core.c(802): [client 10.10.92.13:55231] AH01626: authorization result of Require all granted: granted, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865405 2014] [authz_core:debug] [pid 4356] mod_authz_core.c(802): [client 10.10.92.13:55231] AH01626: authorization result of <RequireAny>: granted, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865424 2014] [core:trace3] [pid 4356] request.c(238): [client 10.10.92.13:55231] request authorized without authentication by access_checker_ex hook: /login.html, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865637 2014] [core:debug] [pid 4356] util_cookies.c(129): [client 10.10.92.13:55231] AH00009: ap_cookie: user '(null)' removed cookie: 'session=;Max-Age=0;path=/', referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865696 2014] [http:trace3] [pid 4356] http_filters.c(963): [client 10.10.92.13:55231] Response sent with status 200, headers:, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865718 2014] [http:trace5] [pid 4356] http_filters.c(970): [client 10.10.92.13:55231]   Date: Mon, 09 Jun 2014 18:41:17 GMT, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865861 2014] [http:trace5] [pid 4356] http_filters.c(973): [client 10.10.92.13:55231]   Server: Apache/2.4.6 (Red Hat) OpenSSL/1.0.0-fips mod_auth_kerb/5.4 mod_wsgi/3.4 Python/2.7.5 mod_perl/2.0.8-dev Perl/v5.16.3, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865885 2014] [http:trace4] [pid 4356] http_filters.c(806): [client 10.10.92.13:55231]   Set-Cookie: session=;Max-Age=0;path=/, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865914 2014] [http:trace4] [pid 4356] http_filters.c(806): [client 10.10.92.13:55231]   Last-Modified: Mon, 09 Jun 2014 18:18:34 GMT, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865935 2014] [http:trace4] [pid 4356] http_filters.c(806): [client 10.10.92.13:55231]   ETag: \\"209-4fb6b3d4446b5\\", referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865952 2014] [http:trace4] [pid 4356] http_filters.c(806): [client 10.10.92.13:55231]   Accept-Ranges: bytes, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865969 2014] [http:trace4] [pid 4356] http_filters.c(806): [client 10.10.92.13:55231]   Content-Length: 521, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865997 2014] [http:trace4] [pid 4356] http_filters.c(806): [client 10.10.92.13:55231]   Cache-Control: no-cache, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.866014 2014] [http:trace4] [pid 4356] http_filters.c(806): [client 10.10.92.13:55231]   Set-Cookie: session=;Max-Age=0;path=/, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.866030 2014] [http:trace4] [pid 4356] http_filters.c(806): [client 10.10.92.13:55231]   Keep-Alive: timeout=5, max=100, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.866046 2014] [http:trace4] [pid 4356] http_filters.c(806): [client 10.10.92.13:55231]   Connection: Keep-Alive, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.866062 2014] [http:trace4] [pid 4356] http_filters.c(806): [client 10.10.92.13:55231]   Content-Type: text/html; charset=UTF-8, referer: https://ulcloud01.ccci.org/login.html