diff options
author | Derrell Lipman <derrell@samba.org> | 2007-01-03 19:57:40 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:36:06 -0500 |
commit | 2e7c59c24470766e37309c7a8bfa4c7b81c57614 (patch) | |
tree | c44c89911868c52f25ca66bdefa68e13248db8e6 /webapps/scripting/preauth.esp | |
parent | 57f5bf78fa9fc9d190c3cb25251e686a1488f790 (diff) | |
download | samba-2e7c59c24470766e37309c7a8bfa4c7b81c57614.tar.gz samba-2e7c59c24470766e37309c7a8bfa4c7b81c57614.tar.bz2 samba-2e7c59c24470766e37309c7a8bfa4c7b81c57614.zip |
r20515: Continued work on the Web Application Framework. Until we get all of the
functionality of the old scripts incorporated into the new framework, the old
scripts need to still be available. I've reverted to having the old scripts
be the default pages, and added an option to access the preview of the new
SWAT.
(This used to be commit b43620d4b8eff815f4a6dc02522a8dfc9fdcaef4)
Diffstat (limited to 'webapps/scripting/preauth.esp')
-rw-r--r-- | webapps/scripting/preauth.esp | 49 |
1 files changed, 0 insertions, 49 deletions
diff --git a/webapps/scripting/preauth.esp b/webapps/scripting/preauth.esp deleted file mode 100644 index 84534cacef..0000000000 --- a/webapps/scripting/preauth.esp +++ /dev/null @@ -1,49 +0,0 @@ -<% -include("/scripting/common.js"); - -/* - check if a uri is one of the 'always allowed' pages, even when not logged in - This allows the login page to use the same style sheets and images -*/ -function always_allowed(uri) { - var str = string_init(); - - /* allow the primary web application to do its own authentication */ - var s = str.split('/', uri); - if (s[0] == "" && (s.length == 1 || /* no path provided */ - s[1] == 'index.html' || - s[1] == "script" || - s[1] == "resource")) { - return true; - } - - var s = str.split('.', uri); - if (s.length < 2) { - return false; - } - - var ext = s[s.length-1]; - var allowed = new Array("ico", "gif", "png","css", "js"); - for (i in allowed) { - if (allowed[i] == ext) { - return true; - } - } - return false; -} - - -/* this script is called on every web request. If it produces any - output at all then that output is returned and the requested page - is not given or processed. -*/ -if (server['SERVER_PROTOCOL'] == "http" && - server['TLS_SUPPORT'] == "True") { - write("redirect to https"); - redirect("https://" + headers['HOST'] + request['REQUEST_URI']); -} else if (always_allowed(request['REQUEST_URI']) != true && - session['AUTHENTICATED'] == undefined) { - /* present the login page */ - include("/login.esp"); -} -%> |