Am Montag, den 25.09.2017, 10:29 -0400 schrieb Eric Covener:
> Sorry, a bit swamped today, but AFAICT that is not what an
> auth_checker is underlying httpd API, so I tentatively think that lua
> dev doc is incorrect.
>
> Please have a look at include/http_request.h and server/request.c
> where the hooks are called.
Hi Eric,
btw thanks for answering ;). Continuing this topic:
Reading include/http_request.h (line number 505+):
/**
* Register a hook function that will analyze the request
headers,
* authenticate the user, and set the user information in the request
record.
* @param pf A check_user_id hook function
* @param aszPre A NULL-terminated array of strings that name modules
whose
* hooks should precede this one
* @param aszSucc A NULL-terminated array of strings that name modules
whose
* hooks should succeed this one
* @param nOrder An integer determining order before honouring aszPre
and
* aszSucc (for example, HOOK_MIDDLE)
* @param type Internal request processing mode, either
* AP_AUTH_INTERNAL_PER_URI or AP_AUTH_INTERNAL_PER_CONF
*/
AP_DECLARE(void) ap_hook_check_authn(ap_HOOK_check_user_id_t
*pf,
const char * const
*aszPre,
const char * const
*aszSucc,
int nOrder, int type);
Imho this one reads like the hook which mod_lua should / can use to make
those examples correct, right?
But you're right - reading mod_lua.c:
LuaHookAuthChecker -> register_auth_checker_hook is used which does
that:
return register_named_file_function_hook("auth_checker", cmd, _cfg,
file, function,apr_hook_when);
which just uses auth_checker callback which reads:
/**
* This hook is used to check to see if the resource being requested
* is available for the authenticated user (r->user and
r->ap_auth_type).
* It runs after the access_checker and check_user_id hooks. Note that
* it will *only* be called if Apache determines that access control has
* been applied to this resource (through a 'Require' directive). This
* hook should be registered with ap_hook_check_authz().
*
* @param r the current request
* @return OK, DECLINED, or HTTP_...
* @ingroup hooks
* @see ap_hook_check_authz
*/
AP_DECLARE_HOOK(int,auth_checker,(request_rec *r))
So this is a little pita ;-).
I thought and wanted to use what the docs are suggesting to use the
LuaHookAuthChecker to customize user authentication.
Implementation seems todo something else.
BUT there is the "ap_hook_check_authn" hook which reads like the
function i want to register with mod_lua.
Unfortunately it seems (via grep) that lua does not implement that hook.
Question: Who is in charge here? Are the docs correct and that is what
was planned to be implemented? In that case those other function should
be used (ap_hook_check_authn).
Or is there a need to support both usecases?
Can we extend mod_lua to support both or change the current code to use
the ap_hook_check_authn function?
kind regards
Torsten
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
|