Added authoritative support.

[mod_auth_kerb.cvs/.git] / apache2 / auth_user.c

diff --git a/apache2/auth_user.c b/apache2/auth_user.c
index 444fa9b..955dc0d 100644 (file)
--- a/apache2/auth_user.c
+++ b/apache2/auth_user.c
@@ -52,7 +52,12 @@ int kerb_authenticate_user(request_rec *r) {
        }
 
        if (!KerberosV4 && !KerberosV5) {
-               return DECLINED;
+               if (conf->krb_authoritative) {
+                       return HTTP_UNAUTHORIZED;
+               }
+               else {
+                       return DECLINED;
+               }
        }
 
        name = ap_auth_name(r);
@@ -112,5 +117,10 @@ int kerb_authenticate_user(request_rec *r) {
        }
 #endif /* KRB5 && KRB4 */
 
-       return retcode;
+       if (conf->krb_authoritative && retcode == DECLINED) {
+               return HTTP_UNAUTHORIZED;
+       }
+       else {
+               return retcode;
+       }
 }