From 8b9d446d2ed766f9c8793d6751969f642ca77940 Mon Sep 17 00:00:00 2001
From: Marius Hein
Date: Tue, 29 Jul 2014 10:42:43 +0200
Subject: [PATCH] Autologin: Remove deprecated autologin methods Remove methods from manager because autologin is now handled with special backends (AutoLoginBackend). The session is used to store the status about a remote user authentication to send a 401 header to the client upon logout. refs #6461
---
 .../controllers/AuthenticationController.php | 9 +++++-
 library/Icinga/Authentication/Manager.php | 31 -------------------
 2 files changed, 8 insertions(+), 32 deletions(-)
diff --git a/application/controllers/AuthenticationController.php b/application/controllers/AuthenticationController.php
index bbb475989..47825c210 100644
--- a/application/controllers/AuthenticationController.php
+++ b/application/controllers/AuthenticationController.php
@@ -14,6 +14,7 @@ use Icinga\Exception\AuthenticationException;
 use Icinga\Exception\NotReadableError;
 use Icinga\Exception\ConfigurationError;
 use Icinga\User;
+use Icinga\Web\Session;
 use Icinga\Web\Url;
 /**
@@ -67,6 +68,9 @@ class AuthenticationController extends ActionController
 $authenticated = $backend->authenticate($user);
 if ($authenticated === true) {
 $auth->setAuthenticated($user);
+ $session = Session::getSession()->getNamespace('authentication');
+ $session->set('is_remote_user', true);
+ $session->write();
 $this->rerenderLayout()->redirectNow($redirectUrl);
 }
 }
@@ -131,9 +135,12 @@ class AuthenticationController extends ActionController
 public function logoutAction()
 {
 $auth = $this->Auth();
+
+ $session = Session::getSession()->getNamespace('authentication');
+
 $auth->removeAuthorization();
- if ($auth->isAuthenticatedFromRemoteUser()) {
+ if ($session->get('is_remote_user', false) === true) {
 $this->_helper->layout->setLayout('login');
 $this->_response->setHttpResponseCode(401);
 } else {
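Review bot: The lines added to the auto-login branch (second hunk) store `is_remote_user`, but nothing visible there compares the session's user with the current `REMOTE_USER`, a check the deleted `Manager::authenticateFromRemoteUser()` carried under the comment "Remote user has changed, clear all sessions". Whether the auto-login backend or the session-restore path still invalidates a session when the web server reports a different user cannot be seen from this diff and should be confirmed, since otherwise a leftover session cookie would keep the previous identity. A short comment above `$session->set('is_remote_user', true);`, for example `// remembered so logoutAction() can answer with 401`, would also document why the flag exists. The enclosing loop and the start of the action lie outside the hunk.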
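Review bot: In `logoutAction()` (third hunk) the `is_remote_user` flag is read only after `$auth->removeAuthorization()` has run, so the 401 branch depends on that call leaving the already-fetched `authentication` namespace intact. If it purges or reloads the session, the check sees the default `false`, the action takes the redirect branch, and a still-present `REMOTE_USER` would presumably sign the user straight back in. Reading the flag first removes that dependency: `$isRemoteUser = $session->get('is_remote_user', false) === true;` before `$auth->removeAuthorization();`, then `if ($isRemoteUser) {`. The flag is also never cleared in the visible lines, so if `removeAuthorization()` does not drop it, a later form-based login in the same session would inherit the 401 logout path. The rest of `logoutAction()` continues outside the hunk.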
diff --git a/library/Icinga/Authentication/Manager.php b/library/Icinga/Authentication/Manager.php
index 01964ef00..a0465d306 100644
--- a/library/Icinga/Authentication/Manager.php
+++ b/library/Icinga/Authentication/Manager.php
@@ -204,35 +204,4 @@ class Manager
 {
 return $this->user->getGroups();
 }
-
- /**
- * Tries to authenticate the user from the session, and then from the REMOTE_USER superglobal, that can be set by
- * an external authentication provider.
- */
- public function authenticateFromRemoteUser()
- {
- if (array_key_exists('REMOTE_USER', $_SERVER)) {
- $this->fromRemoteUser = true;
- }
- $this->authenticateFromSession();
- if ($this->user !== null) {
- if (array_key_exists('REMOTE_USER', $_SERVER) && $this->user->getUsername() !== $_SERVER["REMOTE_USER"]) {
- // Remote user has changed, clear all sessions
- $this->removeAuthorization();
- }
- return;
- }
- if (array_key_exists('REMOTE_USER', $_SERVER) && $_SERVER["REMOTE_USER"]) {
- $this->user = new User($_SERVER["REMOTE_USER"]);
- $this->persistCurrentUser();
- }
- }
-
- /**
- * If the session was established from the REMOTE_USER server variable.
- */
- public function isAuthenticatedFromRemoteUser()
- {
- return $this->fromRemoteUser;
- }
 }