Skip to content
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 14 additions & 2 deletions src/mod_auth_gssapi.c
Original file line number Diff line number Diff line change
Expand Up @@ -988,8 +988,11 @@ static int mag_auth(request_rec *req)

if (mc) {
if (mc->established &&
(auth_header == NULL) &&
(mc->auth_type != AUTH_TYPE_BASIC)) {
(cfg->force_session ||
((auth_header == NULL) &&
(mc->auth_type != AUTH_TYPE_BASIC))
)
) {
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, req,
"Already established context found!");
mag_set_req_data(req, cfg, mc);
Expand Down Expand Up @@ -1347,6 +1350,13 @@ static const char *mag_use_sess(cmd_parms *parms, void *mconfig, int on)
return NULL;
}

static const char *mag_force_sess(cmd_parms *parms, void *mconfig, int on)
{
struct mag_config *cfg = (struct mag_config *)mconfig;
cfg->force_session = on ? true : false;
return NULL;
}

#ifdef HAVE_CRED_STORE
static const char *mag_use_s4u2p(cmd_parms *parms, void *mconfig, int on)
{
Expand Down Expand Up @@ -1836,6 +1846,8 @@ static const command_rec mag_commands[] = {
"Send Persitent-Auth header according to connection bound"),
AP_INIT_FLAG("GssapiUseSessions", mag_use_sess, NULL, OR_AUTHCFG,
"Authentication uses mod_sessions to hold status"),
AP_INIT_FLAG("GssapiForceSession", mag_force_sess, NULL, OR_AUTHCFG,
"Use negotiated session even when Basic auth is requested"),
AP_INIT_RAW_ARGS("GssapiSessionKey", mag_sess_key, NULL, OR_AUTHCFG,
"Key Used to seal session data."),
#ifdef HAVE_CRED_STORE
Expand Down
1 change: 1 addition & 0 deletions src/mod_auth_gssapi.h
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,7 @@ struct mag_config {
bool gss_conn_ctx;
bool send_persist;
bool use_sessions;
bool force_session;
#ifdef HAVE_CRED_STORE
bool use_s4u2proxy;
char *deleg_ccache_dir;
Expand Down