Skip to content
This repository

Apr 15, 2009

  1. Fabian Alenius

    Changed the way authentication is done, added support for multiple au…

    …thentication methods to be used for one directory and changed so that the
    
    401 page can be customized similarly to the 404 page.
    
    1. Renamed yaws_401.erl to yaws_outmod.erl, which is probably a better name considering it's current use(it also displays the crashmsg).
    2. Fixed the Makefile accordingly.
    2. Changed so that the auth record not only contains the authentication methods but also the headers that should be displayed for the
    directory.
    3. The headers are added in yaws_config.erl when the config file is parsed, the authmods now has to have a function get_headers/1 that
    returns the http headers that are to be displayed.
    3. is_auth now goes through the list of directories and when a matching directory is found it calls handle_auth which does the actual
    checking.
    4. handle_auth checks all the methods specified in the config file, if _one_ returns true, the user is authorized to view the page.
    5. Removed deliver_401 and changed so that handle_ut is called with UrlType = unauthorized.
    6. Changed handle_ut to handle UrlType = unauthorized, it handles it similarly to when it displays 404. It pulls the errormod_401 from the
    GC and calls out401 to display the actual page.
    7. Added a function outh_set_auth/1 to yaws.erl which takes a string or a {realm, Realm} tuple and returns the corresponding WWW-Authenticate
    header.
    8. Fixed so that the headers are displayed when the 401 page is displayed.
    9. Removed the special handling of appmod in handle_request. Previously authmods would return appmod when they wanted the 401 page to be
    displayed, this is no longer neccessary.
    10. Removed the out function from authmod_gssapi.erl.
    11. Changed the behaviour of authmod_gssapi so that it simply returns fales when it doesn't find called with the correct headers.
    Previously it would crash.
    
    TODO: Add support for multiple authmods and Pam modules for one directory.
    Rewrite authmod_gssapi so that it simply returns true or false.
    Fix a bug in yaws_ls, it links directories without the final / which means that every time you enter a directory first a 302 page is sent with
    a redirect to "dir/".
    Properly sort the WWW-authenticate headers, apparently the order mathers. For example Negoiate needs to be above Basic realm for
    it to use Negoiate.
    authored April 16, 2009
Something went wrong with that request. Please try again.