119 ACLList *acl = elm->acl; |
119 ACLList *acl = elm->acl; |
120 if(!wsacl_check(acl, user, access_mask)) { |
120 if(!wsacl_check(acl, user, access_mask)) { |
121 // the acl denies access |
121 // the acl denies access |
122 |
122 |
123 if(!user) { |
123 if(!user) { |
124 pblock_nvinsert( |
124 char *value = NULL; |
125 "www-authenticate", |
125 if(acl->authprompt) { |
126 "Basic realm=\"Webserver\"", |
126 size_t realmlen = strlen(acl->authprompt); |
127 rq->srvhdrs); |
127 size_t len = realmlen + 16; |
|
128 value = pool_malloc(sn->pool, len); |
|
129 if(value) { |
|
130 snprintf( |
|
131 value, |
|
132 len, |
|
133 "Basic realm=\"%s\"", |
|
134 acl->authprompt); |
|
135 } |
|
136 } |
|
137 if(!value) { |
|
138 value = "Basic realm=\"login\""; |
|
139 } |
|
140 pblock_nvinsert("www-authenticate", value, rq->srvhdrs); |
128 protocol_status(sn, rq, PROTOCOL_UNAUTHORIZED, NULL); |
141 protocol_status(sn, rq, PROTOCOL_UNAUTHORIZED, NULL); |
129 } |
142 } else { |
130 user->free(user); |
143 user->free(user); |
|
144 } |
131 return REQ_ABORTED; |
145 return REQ_ABORTED; |
132 } |
146 } |
133 elm = elm->next; |
147 elm = elm->next; |
134 } |
148 } |
135 |
149 |
136 // ok - all acls allowed access |
150 // ok - all acls allowed access |
137 user->free(user); |
151 if(user) { |
|
152 user->free(user); |
|
153 } |
138 return REQ_PROCEED; |
154 return REQ_PROCEED; |
139 } |
155 } |
140 |
156 |
141 int wsacl_affects_user(ACLEntry *ace, User *user) { |
157 int wsacl_affects_user(ACLEntry *ace, User *user) { |
142 int check_access = 0; |
158 int check_access = 0; |