#else
shib_request_config* rc = (shib_request_config*)ap_get_module_config(r->request_config, &mod_shib);
if (!rc || !rc->sta) {
- ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, SH_AP_R(r), "shib_handler found no per-request structure");
- return SERVER_ERROR;
+ ap_log_rerror(APLOG_MARK, APLOG_INFO|APLOG_NOERRNO, SH_AP_R(r), "shib_handler found no per-request structure");
+ shib_post_read(r); // ensures objects are created if post_read hook didn't run
+ rc = (shib_request_config*)ap_get_module_config(r->request_config, &mod_shib);
}
ShibTargetApache* psta = rc->sta;
#endif
return sta.second;
try {
- const Session* session = sta.first->getSession(false);
+ Session* session = sta.first->getSession(false, true, false);
+ Locker slocker(session, false);
if (session) {
sta.first->log(SPRequest::SPDebug, "htaccess: accepting valid-user based on active session");
return AUTHZ_GRANTED;
const htAccessControl& hta = dynamic_cast<const ApacheRequestMapper*>(sta.first->getRequestSettings().first)->getHTAccessControl();
try {
- const Session* session = sta.first->getSession(false);
+ Session* session = sta.first->getSession(false, true, false);
+ Locker slocker(session, false);
if (session && hta.doAuthnContext(*sta.first, session->getAuthnContextClassRef(), require_line) == AccessControl::shib_acl_true)
return AUTHZ_GRANTED;
return session ? AUTHZ_DENIED : AUTHZ_DENIED_NO_USER;
const htAccessControl& hta = dynamic_cast<const ApacheRequestMapper*>(sta.first->getRequestSettings().first)->getHTAccessControl();
try {
- const Session* session = sta.first->getSession(false);
+ Session* session = sta.first->getSession(false, true, false);
+ Locker slocker(session, false);
if (session && hta.doAuthnContext(*sta.first, session->getAuthnContextDeclRef(), require_line) == AccessControl::shib_acl_true)
return AUTHZ_GRANTED;
return session ? AUTHZ_DENIED : AUTHZ_DENIED_NO_USER;
const htAccessControl& hta = dynamic_cast<const ApacheRequestMapper*>(sta.first->getRequestSettings().first)->getHTAccessControl();
try {
- const Session* session = sta.first->getSession(false);
+ Session* session = sta.first->getSession(false, true, false);
+ Locker slocker(session, false);
if (session) {
const char* rule = ap_getword_conf(r->pool, &require_line);
if (rule && hta.doShibAttr(*sta.first, session, rule, require_line) == AccessControl::shib_acl_true)
const htAccessControl& hta = dynamic_cast<const ApacheRequestMapper*>(sta.first->getRequestSettings().first)->getHTAccessControl();
try {
- const Session* session = sta.first->getSession(false);
+ Session* session = sta.first->getSession(false, true, false);
+ Locker slocker(session, false);
if (session) {
const char* config = ap_getword_conf(r->pool, &require_line);
if (config && hta.doAccessControl(*sta.first, session, config) == AccessControl::shib_acl_true)