From 99d08bf03b6be08eebfa5575d88bf35ae12ac467 Mon Sep 17 00:00:00 2001 From: Eric Lippmann Date: Mon, 11 Apr 2016 14:07:44 +0200 Subject: [PATCH] Get remote user from $_SERVER if env does not have it in external auth refs #11391 --- library/Icinga/Authentication/Auth.php | 6 +++--- library/Icinga/Authentication/User/ExternalBackend.php | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/library/Icinga/Authentication/Auth.php b/library/Icinga/Authentication/Auth.php index 392a59d71..814f1366e 100644 --- a/library/Icinga/Authentication/Auth.php +++ b/library/Icinga/Authentication/Auth.php @@ -240,10 +240,10 @@ class Auth public function authenticateFromSession() { $this->user = Session::getSession()->get('user'); - if ($this->user !== null && $this->user->isExternalUser() === true) { + if ($this->user !== null && $this->user->isExternalUser()) { list($originUsername, $field) = $this->user->getExternalUserInformation(); - $username = getenv($field); // usually REMOTE_USER here - if ( !$username || $username !== $originUsername) { + $username = ExternalBackend::getRemoteUser($field); + if ($username === null || $username !== $originUsername) { $this->removeAuthorization(); } } diff --git a/library/Icinga/Authentication/User/ExternalBackend.php b/library/Icinga/Authentication/User/ExternalBackend.php index 616f2371e..3baf1c8e0 100644 --- a/library/Icinga/Authentication/User/ExternalBackend.php +++ b/library/Icinga/Authentication/User/ExternalBackend.php @@ -77,8 +77,8 @@ class ExternalBackend implements UserBackendInterface */ public function authenticate(User $user, $password = null) { - $username = getenv('REMOTE_USER'); - if ($username !== false) { + $username = static::getRemoteUser(); + if ($username !== null) { $user->setExternalUserInformation($username, 'REMOTE_USER'); if ($this->stripUsernameRegexp) {