* Given a username and password (extracted externally from a cookie), run * the authnz hooks to determine whether this request is authorized. * * Return an HTTP code. */
| 756 | * Return an HTTP code. |
| 757 | */ |
| 758 | static int check_authn(request_rec * r, const char *sent_user, const char *sent_pw) |
| 759 | { |
| 760 | authn_status auth_result; |
| 761 | authn_provider_list *current_provider; |
| 762 | auth_form_config_rec *conf = ap_get_module_config(r->per_dir_config, |
| 763 | &auth_form_module); |
| 764 | |
| 765 | current_provider = conf->providers; |
| 766 | do { |
| 767 | const authn_provider *provider; |
| 768 | |
| 769 | /* |
| 770 | * For now, if a provider isn't set, we'll be nice and use the file |
| 771 | * provider. |
| 772 | */ |
| 773 | if (!current_provider) { |
| 774 | provider = ap_lookup_provider(AUTHN_PROVIDER_GROUP, |
| 775 | AUTHN_DEFAULT_PROVIDER, |
| 776 | AUTHN_PROVIDER_VERSION); |
| 777 | |
| 778 | if (!provider || !provider->check_password) { |
| 779 | ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01806) |
| 780 | "no authn provider configured"); |
| 781 | auth_result = AUTH_GENERAL_ERROR; |
| 782 | break; |
| 783 | } |
| 784 | apr_table_setn(r->notes, AUTHN_PROVIDER_NAME_NOTE, AUTHN_DEFAULT_PROVIDER); |
| 785 | } |
| 786 | else { |
| 787 | provider = current_provider->provider; |
| 788 | apr_table_setn(r->notes, AUTHN_PROVIDER_NAME_NOTE, current_provider->provider_name); |
| 789 | } |
| 790 | |
| 791 | if (!sent_user || !sent_pw) { |
| 792 | auth_result = AUTH_USER_NOT_FOUND; |
| 793 | break; |
| 794 | } |
| 795 | |
| 796 | auth_result = provider->check_password(r, sent_user, sent_pw); |
| 797 | |
| 798 | apr_table_unset(r->notes, AUTHN_PROVIDER_NAME_NOTE); |
| 799 | |
| 800 | /* Something occurred. Stop checking. */ |
| 801 | if (auth_result != AUTH_USER_NOT_FOUND) { |
| 802 | break; |
| 803 | } |
| 804 | |
| 805 | /* If we're not really configured for providers, stop now. */ |
| 806 | if (!conf->providers) { |
| 807 | break; |
| 808 | } |
| 809 | |
| 810 | current_provider = current_provider->next; |
| 811 | } while (current_provider); |
| 812 | |
| 813 | if (auth_result != AUTH_GRANTED) { |
| 814 | int return_code; |
| 815 |
no test coverage detected