Merge pull request #1860 from GoodOldJack12/httpd_cas_expansion

jrha · web-flow · commit d4eb7963b184 · 2026-03-11T14:41:18.000Z
ncm-metaconfig: httpd: add more CAS options
diff --git a/ncm-metaconfig/src/main/metaconfig/httpd/2.4/tests/profiles/keystone.pan b/ncm-metaconfig/src/main/metaconfig/httpd/2.4/tests/profiles/keystone.pan
@@ -86,6 +86,11 @@ prefix "contents";
     data['name'] = "/identity_admin";
     data['wsgi']['processgroup'] = "keystone-admin";
     data["casscope"] = "/";
+    data["cascookie"] = "MOD_AUTH_CAS_CUSTOM";
+    data["cassecurecookie"] = "MOD_AUTH_CAS_CUSTOM_S";
+    data["casgatewaycookie"] = "MOD_AUTH_CAS_CUSTOM_G";
+    data["casssoenabled"] = true;
+
     append(data);
 
     SELF;
diff --git a/ncm-metaconfig/src/main/metaconfig/httpd/2.4/tests/regexps/keystone/base b/ncm-metaconfig/src/main/metaconfig/httpd/2.4/tests/regexps/keystone/base
@@ -16,11 +16,15 @@ Base test for keystone wsgi config
 ^</location>
 ^<location /identity_admin>
 ^    options \+ExecCGI
+^    casscope /
+^    cascookie MOD_AUTH_CAS_CUSTOM
+^    cassecurecookie MOD_AUTH_CAS_CUSTOM_S
+^    casgatewaycookie MOD_AUTH_CAS_CUSTOM_G
+^    casssoenabled on
 ^    sethandler wsgi-script
 ^    wsgiapplicationgroup %\{GLOBAL\}
 ^    wsgipassauthorization on
 ^    wsgiprocessgroup keystone-admin
-^    casscope /
 ^</location>
 ^<virtualhost    \*:5000>
 ^    hostnamelookups off
diff --git a/ncm-metaconfig/src/main/metaconfig/httpd/config/cas.tt b/ncm-metaconfig/src/main/metaconfig/httpd/config/cas.tt
@@ -0,0 +1,15 @@
+[% IF desc.exists('casscope') -%]  
+casscope [% desc.casscope %]  
+[% END -%]  
+[% IF desc.exists('cascookie') -%]  
+cascookie [% desc.cascookie %]  
+[% END -%]  
+[% IF desc.exists('cassecurecookie') -%]  
+cassecurecookie [% desc.cassecurecookie %]  
+[% END -%]
+[% IF desc.exists('casgatewaycookie') -%]  
+casgatewaycookie [% desc.casgatewaycookie %]  
+[% END -%]
+[% IF desc.exists('casssoenabled') -%]  
+casssoenabled [% desc.casssoenabled ? "on" : "off" %]  
+[% END -%]
diff --git a/ncm-metaconfig/src/main/metaconfig/httpd/config/casscope.tt b/ncm-metaconfig/src/main/metaconfig/httpd/config/casscope.tt
diff --git a/ncm-metaconfig/src/main/metaconfig/httpd/config/directory_basic.tt b/ncm-metaconfig/src/main/metaconfig/httpd/config/directory_basic.tt
@@ -1,11 +1,12 @@
 [%- INCLUDE metaconfig/httpd/config/file_basic.tt  %]
+[%- INCLUDE metaconfig/httpd/config/cas.tt  %]
 [%- IF desc.exists('directoryindex') %]
 directoryindex [% desc.directoryindex.join(' ') %]
 [% END -%]
 [%- IF desc.exists('limitrequestbody') %]
 limitrequestbody [% desc.limitrequestbody %]
 [% END -%]
-[%- to_process = ['rewrite', 'handler', 'perl', 'outputfilter', 'env', 'limit', 'proxy', 'wsgi', 'expires', 'casscope'] -%]
+[%- to_process = ['rewrite', 'handler', 'perl', 'outputfilter', 'env', 'limit', 'proxy', 'wsgi', 'expires'] -%]
 [%- FOREACH p IN to_process -%]
 [%-      IF desc.exists(p) -%]
 [%          INCLUDE "metaconfig/httpd/config/${p}.tt" desc=desc.$p %]
diff --git a/ncm-metaconfig/src/main/metaconfig/httpd/pan/schema.pan b/ncm-metaconfig/src/main/metaconfig/httpd/pan/schema.pan
@@ -621,9 +621,16 @@ type httpd_expires = {
     "default" ? string
     "bytype" ? string{}
 };
-
+type httpd_cas = {
+    "casscope" ? string_trimmed
+    "cascookie" ? string_trimmed
+    "cassecurecookie" ? string_trimmed
+    "casgatewaycookie" ? string_trimmed
+    "casssoenabled" ? boolean
+};
 type httpd_directory = {
     include httpd_file
+    include httpd_cas
     "rewrite" ? httpd_rewrite
     "handler" ? httpd_handler
     "outputfilter" ? httpd_outputfilter
@@ -637,7 +644,6 @@ type httpd_directory = {
     "davrods" ? httpd_davrods
     "files" ? httpd_file[]
     "expires" ? httpd_expires
-    "casscope" ? string_trimmed
 };
 
 type httpd_vhost_ip = string with is_ip(SELF) || SELF == '*';
