Implement disable flag for authentication backends

refs #4941

config/authentication.ini.in

@@ -12,22 +12,24 @@
 ; priority.
 
 
-@use_ldap_auth@[ldap_authentication]
+[ldap_authentication]
-@use_ldap_auth@backend     = "ldap"
+@ldap_auth_disabled@
-@use_ldap_auth@target      = "user"
+backend     = "ldap"
-@use_ldap_auth@hostname    = "@ldap_host@"
+target      = "user"
-@use_ldap_auth@port        = "@ldap_port@"
+hostname    = "@ldap_host@"
-@use_ldap_auth@root_dn     = "@ldap_rootdn@"
+port        = "@ldap_port@"
-@use_ldap_auth@bind_dn     = "@ldap_binddn@"
+root_dn     = "@ldap_rootdn@"
-@use_ldap_auth@bind_pw     = "@ldap_bindpass@"
+bind_dn     = "@ldap_binddn@"
+bind_pw     = "@ldap_bindpass@"
 
 ; Object class of the user
-@use_ldap_auth@user_class              = "@ldap_user_objectclass@"
+user_class              = "@ldap_user_objectclass@"
 
 ; Attribute name for username
-@use_ldap_auth@user_name_attribute     = "@ldap_attribute_username@"
+user_name_attribute     = "@ldap_attribute_username@"
 
-@use_internal_auth@[internal_authentication]
+[internal_authentication]
-@use_internal_auth@backend     = db
+@internal_auth_disabled@
-@use_internal_auth@target      = "user"
+backend     = db
-@use_internal_auth@resource    = "internal_db"
+target      = "user"
+resource    = "internal_db"

configure

@@ -590,8 +590,8 @@ ac_subst_vars='LTLIBOBJS
 LIBOBJS
 INSTALL_OPTS_WEB
 INSTALL_OPTS
-use_internal_auth
+internal_auth_disabled
-use_ldap_auth
+ldap_auth_disabled
 icinga_commandpipe
 livestatus_enabled
 livestatus_socket
@@ -2832,7 +2832,7 @@ case $icinga_backend in #(
     statusdat_enabled="" ;;
 esac
 
-use_ldap_auth=";"
+ldap_auth_disabled="disabled    = \"1\""
 if test "x$ldap_authentication" != xno; then :
 
   for x in ldap;do
@@ -2846,11 +2846,11 @@ else
 fi
   done
 
-    use_ldap_auth=""
+    ldap_auth_disabled=""
 
 fi
 
-use_internal_auth=";"
+internal_auth_disabled="disabled    = \"1\""
 if test "x$internal_authentication" != xno; then :
 
   for x in ldap;do
@@ -2864,7 +2864,7 @@ else
 fi
   done
 
-    use_internal_auth=""
+    internal_auth_disabled=""
 
 fi
 

configure.ac

@@ -348,16 +348,16 @@ AS_CASE([$icinga_backend],
     ["livestatus"], [livestatus_enabled=""],
     [statusdat_enabled=""])
 
-use_ldap_auth=";"
+ldap_auth_disabled="disabled    = \"1\""
 AS_IF([test "x$ldap_authentication" != xno],
     AC_CHECK_PHP_MODULE([ldap])
-    use_ldap_auth=""
+    ldap_auth_disabled=""
 )
 
-use_internal_auth=";"
+internal_auth_disabled="disabled    = \"1\""
 AS_IF([test "x$internal_authentication" != xno],
     AC_CHECK_PHP_MODULE([ldap])
-    use_internal_auth=""
+    internal_auth_disabled=""
 )
 
 #
@@ -419,8 +419,8 @@ AC_SUBST(icinga_commandpipe)
 
 # Comment placeholders for toggling backends
 
-AC_SUBST(use_ldap_auth)
+AC_SUBST(ldap_auth_disabled)
-AC_SUBST(use_internal_auth)
+AC_SUBST(internal_auth_disabled)
 
 # Application and installation
 AC_SUBST(PHP)

library/Icinga/Authentication/Manager.php

@@ -163,6 +163,11 @@ class Manager
     private function setupBackends(Zend_Config $config)
     {
         foreach ($config as $name => $backendConfig) {
+            // We won't initialize disabled backends
+            if ($backendConfig->get('disabled') == '1') {
+                continue;
+            }
+
             if ($backendConfig->name === null) {
                 $backendConfig->name = $name;
             }