From 414a78d53273c831b58e272639ad31d749d84969 Mon Sep 17 00:00:00 2001 From: "Alexander A. Klimov" Date: Fri, 18 Dec 2015 13:26:38 +0100 Subject: [PATCH 1/2] Use getenv() instead of $_SERVER to get ICINGAWEB_CONFIGDIR refs #10488 --- library/Icinga/Application/ApplicationBootstrap.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/library/Icinga/Application/ApplicationBootstrap.php b/library/Icinga/Application/ApplicationBootstrap.php index d19e6cde3..2df4e83e3 100644 --- a/library/Icinga/Application/ApplicationBootstrap.php +++ b/library/Icinga/Application/ApplicationBootstrap.php @@ -138,9 +138,8 @@ abstract class ApplicationBootstrap $this->setupAutoloader(); if ($configDir === null) { - if (array_key_exists('ICINGAWEB_CONFIGDIR', $_SERVER)) { - $configDir = $_SERVER['ICINGAWEB_CONFIGDIR']; - } else { + $configDir = getenv('ICINGAWEB_CONFIGDIR'); + if ($configDir === false) { $configDir = Platform::isWindows() ? $baseDir . '/config' : '/etc/icingaweb2'; From fc8873ec0af05aa5d2554f7849eeaa62868d3386 Mon Sep 17 00:00:00 2001 From: "Alexander A. Klimov" Date: Fri, 18 Dec 2015 13:26:38 +0100 Subject: [PATCH 2/2] Use getenv() instead of $_SERVER to get REMOTE_USER refs #10488 --- library/Icinga/Authentication/User/ExternalBackend.php | 4 ++-- modules/setup/application/forms/AdminAccountPage.php | 4 ++-- modules/setup/application/forms/AuthenticationPage.php | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/library/Icinga/Authentication/User/ExternalBackend.php b/library/Icinga/Authentication/User/ExternalBackend.php index 62b1ea40e..30e816089 100644 --- a/library/Icinga/Authentication/User/ExternalBackend.php +++ b/library/Icinga/Authentication/User/ExternalBackend.php @@ -58,8 +58,8 @@ class ExternalBackend implements UserBackendInterface */ public function authenticate(User $user, $password = null) { - if (isset($_SERVER['REMOTE_USER'])) { - $username = $_SERVER['REMOTE_USER']; + $username = getenv('REMOTE_USER'); + if ($username !== false) { $user->setExternalUserInformation($username, 'REMOTE_USER'); if ($this->stripUsernameRegexp) { diff --git a/modules/setup/application/forms/AdminAccountPage.php b/modules/setup/application/forms/AdminAccountPage.php index c0d5cff6f..94b83b897 100644 --- a/modules/setup/application/forms/AdminAccountPage.php +++ b/modules/setup/application/forms/AdminAccountPage.php @@ -269,11 +269,11 @@ class AdminAccountPage extends Form */ protected function getUsername() { - if (false === isset($_SERVER['REMOTE_USER'])) { + $name = getenv('REMOTE_USER'); + if ($name === false) { return ''; } - $name = $_SERVER['REMOTE_USER']; if (isset($this->backendConfig['strip_username_regexp']) && $this->backendConfig['strip_username_regexp']) { // No need to silence or log anything here because the pattern has // already been successfully compiled during backend configuration diff --git a/modules/setup/application/forms/AuthenticationPage.php b/modules/setup/application/forms/AuthenticationPage.php index 370e4bb95..dada8ac84 100644 --- a/modules/setup/application/forms/AuthenticationPage.php +++ b/modules/setup/application/forms/AuthenticationPage.php @@ -30,7 +30,7 @@ class AuthenticationPage extends Form */ public function createElements(array $formData) { - if (isset($formData['type']) && $formData['type'] === 'external' && !isset($_SERVER['REMOTE_USER'])) { + if (isset($formData['type']) && $formData['type'] === 'external' && getenv('REMOTE_USER') === false) { $this->info( $this->translate( 'You\'re currently not authenticated using any of the web server\'s authentication '