Autologin: Use REMOTE_USER for authentication

It's not safe to rely on PHP_AUTH_USER and PHP_AUTH_TYPE because
PHP CGI handlers (fcgid for example) only set the REMOTE_USER environment variable
and the authentication type for negotiation methods (Kerberos for example) is neither
Basic nor Digest.
We may have to add REDIRECT_REMOTE_USER for authentication for proxy setups.
This commit is contained in:
Eric Lippmann 2014-06-11 14:47:15 +02:00
parent c09341d77e
commit 63fc8eb27e

@ -53,11 +53,8 @@ class AutoLoginBackend extends UserBackend
*/ */
public function hasUser(User $user) public function hasUser(User $user)
{ {
if (isset($_SERVER['PHP_AUTH_USER']) if (isset($_SERVER['REMOTE_USER'])) {
&& isset($_SERVER['AUTH_TYPE']) $username = $_SERVER['REMOTE_USER'];
&& in_array($_SERVER['AUTH_TYPE'], array('Basic', 'Digest')) === true
) {
$username = $_SERVER['PHP_AUTH_USER'];
if ($username !== false) { if ($username !== false) {
if ($this->stripUsernameRegexp !== null) { if ($this->stripUsernameRegexp !== null) {
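Review bot: In the new `isset($_SERVER['REMOTE_USER'])` branch, the following `$username !== false` test no longer filters anything. A value that passes isset() and comes from the server environment is a string, so an empty REMOTE_USER is accepted as a username. Consider testing for a non-empty string instead, for example `$username !== ''`. With the AUTH_TYPE restriction removed, the docblock should also state that this backend relies on the web server setting REMOTE_USER only after successful authentication, and that the same must hold for REDIRECT_REMOTE_USER if it is added for proxy setups.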