Autologin: Remove deprecated autologin methods

Remove methods from manager because autologin is now handled with special backends (AutoLoginBackend). The session is used to store the status about a remote user authentication to send a 401 header to the client upon logout. refs #6461
2014-07-29 10:42:43 +02:00 · 2014-07-29 10:42:43 +02:00 · 8b9d446d2e
parent a4b7204e23
commit 8b9d446d2e
2 changed files with 8 additions and 32 deletions
--- a/application/controllers/AuthenticationController.php
+++ b/application/controllers/AuthenticationController.php
@ -14,6 +14,7 @@ use Icinga\Exception\AuthenticationException;
 use Icinga\Exception\NotReadableError;
 use Icinga\Exception\ConfigurationError;
 use Icinga\User;
+use Icinga\Web\Session;
 use Icinga\Web\Url;

 /**
@ -67,6 +68,9 @@ class AuthenticationController extends ActionController
                        $authenticated  = $backend->authenticate($user);
                        if ($authenticated === true) {
                            $auth->setAuthenticated($user);
+                            $session = Session::getSession()->getNamespace('authentication');
+                            $session->set('is_remote_user', true);
+                            $session->write();
                            $this->rerenderLayout()->redirectNow($redirectUrl);
                        }
                    }
@ -131,9 +135,12 @@ class AuthenticationController extends ActionController
    public function logoutAction()
    {
        $auth = $this->Auth();
+
+        $session = Session::getSession()->getNamespace('authentication');
+
        $auth->removeAuthorization();

-        if ($auth->isAuthenticatedFromRemoteUser()) {
+        if ($session->get('is_remote_user', false) === true) {
            $this->_helper->layout->setLayout('login');
            $this->_response->setHttpResponseCode(401);
        } else {
--- a/library/Icinga/Authentication/Manager.php
+++ b/library/Icinga/Authentication/Manager.php
@ -204,35 +204,4 @@ class Manager
    {
        return $this->user->getGroups();
    }
-
-    /**
-     * Tries to authenticate the user from the session, and then from the REMOTE_USER superglobal, that can be set by
-     * an external authentication provider.
-     */
-    public function authenticateFromRemoteUser()
-    {
-        if (array_key_exists('REMOTE_USER', $_SERVER)) {
-            $this->fromRemoteUser = true;
-        }
-        $this->authenticateFromSession();
-        if ($this->user !== null) {
-            if (array_key_exists('REMOTE_USER', $_SERVER) && $this->user->getUsername() !== $_SERVER["REMOTE_USER"]) {
-                // Remote user has changed, clear all sessions
-                $this->removeAuthorization();
-            }
-            return;
-        }
-        if (array_key_exists('REMOTE_USER', $_SERVER) && $_SERVER["REMOTE_USER"]) {
-            $this->user = new User($_SERVER["REMOTE_USER"]);
-            $this->persistCurrentUser();
-        }
-    }
-
-    /**
-     * If the session was established from the REMOTE_USER server variable.
-     */
-    public function isAuthenticatedFromRemoteUser()
-    {
-        return $this->fromRemoteUser;
-    }
 }