Annotation of embedaddon/libpdel/http/servlet/cookieauth.h, revision 1.1.1.1
1.1 misho 1:
2: /*
3: * Copyright (c) 2001-2002 Packet Design, LLC.
4: * All rights reserved.
5: *
6: * Subject to the following obligations and disclaimer of warranty,
7: * use and redistribution of this software, in source or object code
8: * forms, with or without modifications are expressly permitted by
9: * Packet Design; provided, however, that:
10: *
11: * (i) Any and all reproductions of the source or object code
12: * must include the copyright notice above and the following
13: * disclaimer of warranties; and
14: * (ii) No rights are granted, in any manner or form, to use
15: * Packet Design trademarks, including the mark "PACKET DESIGN"
16: * on advertising, endorsements, or otherwise except as such
17: * appears in the above copyright notice or in the software.
18: *
19: * THIS SOFTWARE IS BEING PROVIDED BY PACKET DESIGN "AS IS", AND
20: * TO THE MAXIMUM EXTENT PERMITTED BY LAW, PACKET DESIGN MAKES NO
21: * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING
22: * THIS SOFTWARE, INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED
23: * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE,
24: * OR NON-INFRINGEMENT. PACKET DESIGN DOES NOT WARRANT, GUARANTEE,
25: * OR MAKE ANY REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS
26: * OF THE USE OF THIS SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY,
27: * RELIABILITY OR OTHERWISE. IN NO EVENT SHALL PACKET DESIGN BE
28: * LIABLE FOR ANY DAMAGES RESULTING FROM OR ARISING OUT OF ANY USE
29: * OF THIS SOFTWARE, INCLUDING WITHOUT LIMITATION, ANY DIRECT,
30: * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, PUNITIVE, OR CONSEQUENTIAL
31: * DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, LOSS OF
32: * USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY THEORY OF
33: * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
34: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
35: * THE USE OF THIS SOFTWARE, EVEN IF PACKET DESIGN IS ADVISED OF
36: * THE POSSIBILITY OF SUCH DAMAGE.
37: *
38: * Author: Archie Cobbs <archie@freebsd.org>
39: */
40:
41: #ifndef _PDEL_HTTP_SERVLET_COOKIEAUTH_H_
42: #define _PDEL_HTTP_SERVLET_COOKIEAUTH_H_
43:
44: /*
45: * Function that should return non-zero if access to
46: * the supplied URL path requires a valid login cookie.
47: */
48: typedef int http_servlet_cookieauth_reqd_t(void *arg,
49: struct http_request *req);
50:
51: __BEGIN_DECLS
52:
53: /*
54: * Create a new cookieauth servlet that will redirect any requests
55: * not having a valid cookie to the "redirect" URL (presumably a
56: * login page); "append" functions as with http_servlet_redirect_create().
57: *
58: * "privkey" should point to the PEM-encoded RSA private key file.
59: *
60: * The opaque "id" must uniquely identify this server. Cookies created
61: * with different id's (e.g., different machines) are incompatible.
62: */
63: extern struct http_servlet *http_servlet_cookieauth_create(
64: const char *redirect, int append,
65: http_servlet_cookieauth_reqd_t *authreqd,
66: void *arg, void (*destroy)(void *),
67: const char *privkey, const void *id, size_t idlen,
68: const char *cookiename);
69:
70: /*
71: * Add a cookie that will cause the servlet to not redirect.
72: * That is, make the browser appear logged in as "username".
73: *
74: * The servlet returned by http_servlet_cookieauth_create() must be
75: * supplied.
76: *
77: * The cookie remains valid until time "expire". If "session_only"
78: * is set, the browser is instructed to delete the cookie when it
79: * exits (though from a security point of view you can't trust the
80: * browser to actually do that; use "expire" as a backup).
81: *
82: * If "linger" is non zero, force a re-login if the last time the servlet
83: * was run was longer than "linger" seconds ago.
84: *
85: * "path" and "domain" may be NULL to omit (i.e., leave as default).
86: *
87: * Returns zero if success, -1 if error.
88: */
89: extern int http_servlet_cookieauth_login(struct http_response *resp,
90: const char *privkey, const char *username,
91: u_int max_linger, time_t expire, int session_only,
92: const u_char *id, size_t idlen, const char *cookiename,
93: const char *path, const char *domain, int secure);
94:
95: /*
96: * Invalidate authorization cookie.
97: */
98: extern int http_servlet_cookieauth_logout(const char *cookiename,
99: const char *path, const char *domain,
100: struct http_response *resp);
101:
102: /*
103: * Get the username from the authorization cookie.
104: *
105: * Returns the username, or NULL if not logged in (EACCES) or error.
106: */
107: extern char *http_servlet_cookieauth_user(const char *privkey,
108: const void *id, size_t idlen, const char *cookiename,
109: struct http_request *req, const char *mtype);
110:
111: __END_DECLS
112:
113: #endif /* _PDEL_HTTP_SERVLET_COOKIEAUTH_H_ */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to cookieauth.h CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / libpdel / http / servlet