[Rt-commit] rt branch, 4.2/rt-apache-auth, created. rt-4.2.4-35-g8923fc5
Alex Vandiver
alexmv at bestpractical.com
Fri May 23 16:52:53 EDT 2014
The branch, 4.2/rt-apache-auth has been created
at 8923fc5c842e541ae0e0db7d4df8e6ccec870b3c (commit)
- Log -----------------------------------------------------------------
commit 8923fc5c842e541ae0e0db7d4df8e6ccec870b3c
Author: Alex Vandiver <alexmv at bestpractical.com>
Date: Fri May 23 16:52:34 2014 -0400
Allow deploying with HTTP Basic auth and htpasswd
diff --git a/devel/tools/rt-apache b/devel/tools/rt-apache
index 71b420b..34d7dc6 100755
--- a/devel/tools/rt-apache
+++ b/devel/tools/rt-apache
@@ -77,6 +77,7 @@ GetOptions( \%opt,
"port|p=i",
"ssl:i",
"single|X",
+ "auth|A:s",
"modules=s",
@@ -125,6 +126,21 @@ unless ($opt{port}) {
# Set ssl port if they want it but didn't provide a number
$opt{ssl} = 4430 if defined $opt{ssl} and not $opt{ssl};
+# Default auth to on if they set $WebRemoteUserAuth
+$opt{auth} = '' if not exists $opt{auth} and parseconf( "WebRemoteUserAuth" );
+
+# Set an auth path if they want it but didn't pass a path
+if (defined $opt{auth} and not $opt{auth}) {
+ $opt{auth} = "$opt{root}/var/htpasswd";
+ unless (-f $opt{auth}) {
+ open(my $fh, ">", $opt{auth}) or die "Can't create default htpasswd: $!";
+ print $fh 'root:$apr1$TZA4Y0DL$DS5ZhDH8QrhB.uAtvNJmh.' . "\n";
+ close $fh or die "Can't create default htpasswd: $!";
+ }
+} elsif ($opt{auth} and not -f $opt{auth}) {
+ die "Can't read htpasswd file $opt{auth}!";
+}
+
# Parse out the WebPath
my $path = parseconf( "WebPath" ) || "";
@@ -133,6 +149,7 @@ $template =~ s/\$PORT/$opt{port}/g;
$template =~ s!\$PATH/!$path/!g;
$template =~ s!\$PATH!$path || "/"!ge;
$template =~ s/\$SSL/$opt{ssl} || 0/ge;
+$template =~ s/\$AUTH/$opt{auth}/ge;
$template =~ s/\$RTHOME/$opt{root}/g;
$template =~ s/\$MODULES/$opt{modules}/g;
$template =~ s/\$TOOLS/$FindBin::Bin/g;
@@ -149,6 +166,7 @@ push @opts, "-DSSL" if $opt{ssl};
push @opts, "-DRT3" if $opt{rt3};
push @opts, "-DSINGLE" if $opt{single};
push @opts, "-DREDIRECT" if $path;
+push @opts, "-DAUTH" if $opt{auth};
# Wait for a previous run to terminate
if ( open( PIDFILE, "<", "$opt{root}/var/apache2.pid") ) {
@@ -337,6 +355,23 @@ DocumentRoot $RTHOME/share/html
RewriteRule ^(?!\Q$PATH\E) - [R=404]
</IfDefine>
+<IfDefine AUTH>
+ LoadModule auth_basic_module $MODULES/mod_auth_basic.so
+ LoadModule authn_file_module $MODULES/mod_authn_file.so
+ LoadModule authz_user_module $MODULES/mod_authz_user.so
+ <Location $PATH>
+ Require valid-user
+ AuthType basic
+ AuthName "RT access"
+ AuthBasicProvider file
+ AuthUserFile $AUTH
+ </Location>
+ <Location $PATH/REST/1.0/NoAuth/mail-gateway>
+ Allow from localhost
+ Satisfy any
+ </Location>
+</IfDefine>
+
<IfDefine !RT3>
########## 4.0 mod_perl
<IfDefine PERL>
-----------------------------------------------------------------------
More information about the rt-commit
mailing list