From: Adam Dickmeiss <adam@indexdata.dk>
Date: Mon, 23 Sep 2013 09:27:39 +0000 (+0200)
Subject: Support pz:authentication_mode.
X-Git-Tag: v1.6.35~1
X-Git-Url: http://git.indexdata.com/?p=pazpar2-moved-to-github.git;a=commitdiff_plain;h=9e8d657340483f6af7169828917da385f8e6ee9f

Support pz:authentication_mode.
---

diff --git a/doc/pazpar2_conf.xml b/doc/pazpar2_conf.xml
index c61a73e..a7dc400 100644
--- a/doc/pazpar2_conf.xml
+++ b/doc/pazpar2_conf.xml
@@ -1250,8 +1250,35 @@
      <term>pz:authentication</term>
      <listitem>
       <para>
-       Sets an authentication string for a given server. See the section on
-       authorization and authentication for discussion.
+       Sets an authentication string for a given database. For Z39.50,
+       this is carried as part of the Initialize Request. In order to carry
+       the information in the "open" elements, separate
+       username and password with a slash (In Z39.50 it is a VisibleString).
+       In order to carry the information in the idPass  elements, separate
+       username term, password term and,  optionally, a group term with a
+       single blank.
+       If three terms are given, the order is
+       <emphasis>user, group, password</emphasis>.
+       If only two terms are given, the order is
+       <emphasis>user, password</emphasis>.
+      </para>
+      <para>
+       For HTTP based procotols, such as SRU and Solr, the authentication
+       string includes a username term and, optionally, a password term.
+       Each term is separated by a single blank. The
+       authentication information is passed either by HTTP basic
+       authentication or via URL parameters. The mode is operation is
+       determined by <literal>pz:authentication_mode</literal> setting.
+      </para>
+     </listitem>
+    </varlistentry>
+
+    <varlistentry>
+     <term>pz:authentication_mode</term>
+     <listitem>
+      <para>
+       Determines how authentication is carried in HTTP based protocols.
+       Value may be "<literal>basic</literal>" or "<literal>url</literal>".
       </para>
      </listitem>
     </varlistentry>
@@ -1262,8 +1289,6 @@
        Allows or denies access to the resources it is applied to. Possible
        values are '0' and '1'.
        The default is '1' (allow access to this resource).
-       See the manual section on authorization and authentication for
-       discussion about how to use this setting.
       </para>
      </listitem>
     </varlistentry>
diff --git a/src/connection.c b/src/connection.c
index 51468c4..d2c9b70 100644
--- a/src/connection.c
+++ b/src/connection.c
@@ -410,6 +410,7 @@ static int connection_connect(struct connection *con, iochan_man_t iochan_man)
     const char *charset;
     const char *sru;
     const char *sru_version = 0;
+    const char *value;
     WRBUF w;
 
     struct session_database *sdb = client_get_database(con->client);
@@ -440,13 +441,27 @@ static int connection_connect(struct connection *con, iochan_man_t iochan_man)
     if (apdulog && *apdulog)
         ZOOM_options_set(zoptions, "apdulog", apdulog);
 
+
+    if ((sru = session_setting_oneval(sdb, PZ_SRU)) && *sru)
+        ZOOM_options_set(zoptions, "sru", sru);
+    if ((sru_version = session_setting_oneval(sdb, PZ_SRU_VERSION))
+        && *sru_version)
+        ZOOM_options_set(zoptions, "sru_version", sru_version);
+
     if ((auth = session_setting_oneval(sdb, PZ_AUTHENTICATION)))
     {
+        /* allow splitting user and reset with a blank always */
         const char *cp1 = strchr(auth, ' ');
+        if (!cp1 && sru && *sru_version)
+            cp1 =  strchr(auth, '/');
         if (!cp1)
+        {
+            /* Z39.50 user/password style, or no password for SRU */
             ZOOM_options_set(zoptions, "user", auth);
+        }
         else
         {
+            /* now consider group as well */
             const char *cp2 = strchr(cp1 + 1, ' ');
 
             ZOOM_options_setl(zoptions, "user", auth, cp1 - auth);
@@ -459,11 +474,11 @@ static int connection_connect(struct connection *con, iochan_man_t iochan_man)
             }
         }
     }
-    if ((sru = session_setting_oneval(sdb, PZ_SRU)) && *sru)
-        ZOOM_options_set(zoptions, "sru", sru);
-    if ((sru_version = session_setting_oneval(sdb, PZ_SRU_VERSION))
-        && *sru_version)
-        ZOOM_options_set(zoptions, "sru_version", sru_version);
+
+    value = session_setting_oneval(sdb, PZ_AUTHENTICATION_MODE);
+    if (value && *value)
+        ZOOM_options_set(zoptions, "authenticationMode", value);
+
     if (!(con->link = ZOOM_connection_create(zoptions)))
     {
         yaz_log(YLOG_FATAL|YLOG_ERRNO, "Failed to create ZOOM Connection");
diff --git a/src/settings.c b/src/settings.c
index d2e15ec..63b8b9b 100644
--- a/src/settings.c
+++ b/src/settings.c
@@ -82,6 +82,7 @@ static char *hard_settings[] = {
     "pz:present_chunk",
     "pz:block_timeout",
     "pz:extendrecs",
+    "pz:authentication_mode",
     0
 };
 
diff --git a/src/settings.h b/src/settings.h
index d36a5a2..98278c4 100644
--- a/src/settings.h
+++ b/src/settings.h
@@ -55,7 +55,8 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 #define PZ_PRESENT_CHUNK        32
 #define PZ_BLOCK_TIMEOUT        33
 #define PZ_EXTENDRECS           34
-#define PZ_MAX_EOF              35
+#define PZ_AUTHENTICATION_MODE  35
+#define PZ_MAX_EOF              36
 
 struct setting
 {