[mapguide-commits] r9716 - trunk/MgDev/Web/src/DevHttpServer
svn_mapguide at osgeo.org
svn_mapguide at osgeo.org
Mon Aug 17 07:32:54 PDT 2020
Author: jng
Date: 2020-08-17 07:32:54 -0700 (Mon, 17 Aug 2020)
New Revision: 9716
Modified:
trunk/MgDev/Web/src/DevHttpServer/DevHttpServer.vcxproj
trunk/MgDev/Web/src/DevHttpServer/main.cpp
Log:
Fix MgDevHttpServer not issuing authentication challenge if one of [USERNAME/PASSWORD] or SESSION is not detected in the request parameters. This makes the handle behave in line with the existing Cgi/Isapi/Apache implementations.
Fixes #2813
Modified: trunk/MgDev/Web/src/DevHttpServer/DevHttpServer.vcxproj
===================================================================
--- trunk/MgDev/Web/src/DevHttpServer/DevHttpServer.vcxproj 2020-08-14 12:55:52 UTC (rev 9715)
+++ trunk/MgDev/Web/src/DevHttpServer/DevHttpServer.vcxproj 2020-08-17 14:32:54 UTC (rev 9716)
@@ -95,7 +95,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>..\..\..\Oem\cpp-httplib;..\..\..\Oem\tclap-1.2.2\include;..\HttpHandler;..\MapAgentCommon;..\WebSupport;..\WebApp;..\..\..\Common;..\..\..\Common\MdfModel;..\..\..\Common\Foundation;..\..\..\Common\Geometry;..\..\..\Common\PlatformBase;..\..\..\Common\MapGuideCommon;..\..\..\Oem\ACE\ACE_wrappers;..\..\..\Oem\dbxml\xerces-c-src\src;..\..\..\Oem\jsoncpp\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;MG_MAPAGENT_API_EXPORT;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ExceptionHandling>Async</ExceptionHandling>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -123,7 +123,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>..\..\..\Oem\cpp-httplib;..\..\..\Oem\tclap-1.2.2\include;..\HttpHandler;..\MapAgentCommon;..\WebSupport;..\WebApp;..\..\..\Common;..\..\..\Common\MdfModel;..\..\..\Common\Foundation;..\..\..\Common\Geometry;..\..\..\Common\PlatformBase;..\..\..\Common\MapGuideCommon;..\..\..\Oem\ACE\ACE_wrappers;..\..\..\Oem\dbxml\xerces-c-src\src;..\..\..\Oem\jsoncpp\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;MG_MAPAGENT_API_EXPORT;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ExceptionHandling>Async</ExceptionHandling>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -151,7 +151,7 @@
<ClCompile>
<Optimization>MaxSpeed</Optimization>
<AdditionalIncludeDirectories>..\..\..\Oem\cpp-httplib;..\..\..\Oem\tclap-1.2.2\include;..\HttpHandler;..\MapAgentCommon;..\WebSupport;..\WebApp;..\..\..\Common;..\..\..\Common\MdfModel;..\..\..\Common\Foundation;..\..\..\Common\Geometry;..\..\..\Common\PlatformBase;..\..\..\Common\MapGuideCommon;..\..\..\Oem\ACE\ACE_wrappers;..\..\..\Oem\dbxml\xerces-c-src\src;..\..\..\Oem\jsoncpp\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;MG_MAPAGENT_API_EXPORT;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ExceptionHandling>Async</ExceptionHandling>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<WarningLevel>Level3</WarningLevel>
@@ -180,7 +180,7 @@
<ClCompile>
<Optimization>MaxSpeed</Optimization>
<AdditionalIncludeDirectories>..\..\..\Oem\cpp-httplib;..\..\..\Oem\tclap-1.2.2\include;..\HttpHandler;..\MapAgentCommon;..\WebSupport;..\WebApp;..\..\..\Common;..\..\..\Common\MdfModel;..\..\..\Common\Foundation;..\..\..\Common\Geometry;..\..\..\Common\PlatformBase;..\..\..\Common\MapGuideCommon;..\..\..\Oem\ACE\ACE_wrappers;..\..\..\Oem\dbxml\xerces-c-src\src;..\..\..\Oem\jsoncpp\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;MG_MAPAGENT_API_EXPORT;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ExceptionHandling>Async</ExceptionHandling>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<WarningLevel>Level3</WarningLevel>
Modified: trunk/MgDev/Web/src/DevHttpServer/main.cpp
===================================================================
--- trunk/MgDev/Web/src/DevHttpServer/main.cpp 2020-08-14 12:55:52 UTC (rev 9715)
+++ trunk/MgDev/Web/src/DevHttpServer/main.cpp 2020-08-17 14:32:54 UTC (rev 9716)
@@ -426,8 +426,44 @@
logStr += MgUtil::WideCharToMultiByte(opv);
logStr += ")";
- auto status = SendRequest(request, res);
+ auto status = 200;
+ Ptr<MgPropertyCollection> paramList = param->GetParameters()->GetPropertyCollection();
+ if (paramList != NULL)
+ {
+ //Check to be sure that we have some kind of credentials before continuing. Either
+ //username/password or sessionid.
+ bool bValid = paramList->Contains(MgHttpResourceStrings::reqSession);
+ // Strike two: no session? how about a username?
+ if (!bValid)
+ bValid = paramList->Contains(MgHttpResourceStrings::reqUsername);
+ // Strike three: no username either? How about if it's an XML POST
+ if (!bValid)
+ bValid = param->GetXmlPostData().length() != 0;
+
+ // Certain operations do not require authentication
+ STRING operation = param->GetParameterValue(L"OPERATION");
+ if ((_wcsicmp(operation.c_str(), L"GETSITESTATUS") == 0))
+ {
+ bValid = true;
+ }
+
+ if (!bValid)
+ {
+ // Invalid authentication information is not fatal, we should continue.
+ HandleUnauthorized(res);
+
+ // clean up any temporary files we created
+ MapAgentCommon::DeleteTempFiles(param);
+
+ status = 401;
+ }
+ else
+ {
+ status = SendRequest(request, res);
+ }
+ }
+
logStr += " - ";
std::string sStatus;
MgUtil::Int32ToString(status, sStatus);
More information about the mapguide-commits
mailing list