Merge branch 'bugfix/external-auth-no-env-11391'

fixes #11391

library/Icinga/Authentication/Auth.php

@@ -240,10 +240,10 @@ class Auth
     public function authenticateFromSession()
     {
         $this->user = Session::getSession()->get('user');
-        if ($this->user !== null && $this->user->isExternalUser() === true) {
+        if ($this->user !== null && $this->user->isExternalUser()) {
             list($originUsername, $field) = $this->user->getExternalUserInformation();
-            $username = getenv($field); // usually REMOTE_USER here
+            $username = ExternalBackend::getRemoteUser($field);
-            if ( !$username || $username !== $originUsername) {
+            if ($username === null || $username !== $originUsername) {
                 $this->removeAuthorization();
             }
         }

library/Icinga/Authentication/User/ExternalBackend.php

@@ -52,14 +52,33 @@ class ExternalBackend implements UserBackendInterface
         return $this;
     }
 
+    /**
+     * Get the remote user from environment or $_SERVER, if any
+     *
+     * @param   string  $variable   The name variable where to read the user from
+     *
+     * @return  string|null
+     */
+    public static function getRemoteUser($variable = 'REMOTE_USER')
+    {
+        $username = getenv($variable);
+        if ($username !== false) {
+            return $username;
+        }
+        if (array_key_exists($variable, $_SERVER)) {
+            return $_SERVER[$variable];
+        }
+        return null;
+    }
+
 
     /**
      * {@inheritdoc}
      */
     public function authenticate(User $user, $password = null)
     {
-        $username = getenv('REMOTE_USER');
+        $username = static::getRemoteUser();
-        if ($username !== false) {
+        if ($username !== null) {
             $user->setExternalUserInformation($username, 'REMOTE_USER');
 
             if ($this->stripUsernameRegexp) {