tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'bugfix/external-auth-no-env-11391' 

fixes #11391
This commit is contained in:
Eric Lippmann 2016-04-13 13:57:56 +02:00
parent 855e7f7120 99d08bf03b
commit 99adeaa065
2 changed files with 24 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
library/Icinga/Authentication/Auth.php
View File

@ -240,10 +240,10 @@ class Auth
public function authenticateFromSession()
{
$this->user = Session::getSession()->get('user');
if ($this->user !== null && $this->user->isExternalUser() === true) {
if ($this->user !== null && $this->user->isExternalUser()) {
list($originUsername, $field) = $this->user->getExternalUserInformation();
$username = getenv($field); // usually REMOTE_USER here
if ( !$username || $username !== $originUsername) {
$username = ExternalBackend::getRemoteUser($field);
if ($username === null || $username !== $originUsername) {
$this->removeAuthorization();
}
}

23
library/Icinga/Authentication/User/ExternalBackend.php
View File

@ -52,14 +52,33 @@ class ExternalBackend implements UserBackendInterface
return $this;
}
/**
* Get the remote user from environment or $_SERVER, if any
*
* @param string $variable The name variable where to read the user from
*
* @return string|null
*/
public static function getRemoteUser($variable = 'REMOTE_USER')
{
$username = getenv($variable);
if ($username !== false) {
return $username;
}
if (array_key_exists($variable, $_SERVER)) {
return $_SERVER[$variable];
}
return null;
}
/**
* {@inheritdoc}
*/
public function authenticate(User $user, $password = null)
{
$username = getenv('REMOTE_USER');
if ($username !== false) {
$username = static::getRemoteUser();
if ($username !== null) {
$user->setExternalUserInformation($username, 'REMOTE_USER');
if ($this->stripUsernameRegexp) {