tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-07-30 01:04:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

AutoLogin/Logout: Remove own session namespace

Browse Source 
Store data in the user and implement interface to left
backends store remote information.

fixes #6461
This commit is contained in:
Marius Hein 2014-07-30 12:35:55 +02:00
parent 294728ac47
commit e2c761a7aa
4 changed files with 46 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
application/controllers/AuthenticationController.php
View File

@ -68,9 +68,6 @@ class AuthenticationController extends ActionController
$authenticated = $backend->authenticate($user); $authenticated = $backend->authenticate($user);
if ($authenticated === true) { if ($authenticated === true) {
$auth->setAuthenticated($user); $auth->setAuthenticated($user);
$session = Session::getSession()->getNamespace('authentication');
$session->set('is_remote_user', true);
$session->write();
$this->rerenderLayout()->redirectNow($redirectUrl); $this->rerenderLayout()->redirectNow($redirectUrl);
} }
} }
@ -135,12 +132,10 @@ class AuthenticationController extends ActionController
public function logoutAction() public function logoutAction()
{ {
$auth = $this->Auth(); $auth = $this->Auth();
$isRemoteUser = $auth->getUser()->isRemoteUser();
$session = Session::getSession()->getNamespace('authentication');
$auth->removeAuthorization(); $auth->removeAuthorization();
if ($session->get('is_remote_user', false) === true) { if ($isRemoteUser === true) {
$this->_helper->layout->setLayout('login'); $this->_helper->layout->setLayout('login');
$this->_response->setHttpResponseCode(401); $this->_response->setHttpResponseCode(401);
} else { } else {

1
library/Icinga/Authentication/Backend/AutoLoginBackend.php
View File

@ -53,6 +53,7 @@ class AutoLoginBackend extends UserBackend
{ {
if (isset($_SERVER['REMOTE_USER'])) { if (isset($_SERVER['REMOTE_USER'])) {
$username = $_SERVER['REMOTE_USER']; $username = $_SERVER['REMOTE_USER'];
$user->setRemoteUserInformation($username, 'REMOTE_USER');
if ($this->stripUsernameRegexp !== null) { if ($this->stripUsernameRegexp !== null) {
$stripped = preg_replace($this->stripUsernameRegexp, '', $username); $stripped = preg_replace($this->stripUsernameRegexp, '', $username);
if ($stripped !== false) { if ($stripped !== false) {

6
library/Icinga/Authentication/Manager.php
View File

@ -30,12 +30,6 @@ class Manager
*/ */
private $user; private $user;
/**
* If the user was authenticated from the REMOTE_USER server variable
*
* @var Boolean
*/
private $fromRemoteUser = false;
private function __construct() private function __construct()
{ {

43
library/Icinga/User.php
View File

@ -58,6 +58,18 @@ class User
*/ */
protected $additionalInformation = array(); protected $additionalInformation = array();
/**
* Information if the user is external authenticated
*
* Keys:
*
* 0: origin username
* 1: origin field name
*
* @var array
*/
protected $remoteUserInformation = array();
/** /**
* Set of permissions * Set of permissions
* *
@ -401,4 +413,35 @@ class User
{ {
$this->messages = null; $this->messages = null;
} }
/**
* Set additional remote user information
*
* @param stirng $username
* @param string $field
*/
public function setRemoteUserInformation($username, $field)
{
$this->remoteUserInformation = array($username, $field);
}
/**
* Get additional remote user information
*
* @return array
*/
public function getRemoteUserInformation()
{
return $this->remoteUserInformation;
}
/**
* Return true if user has remote user information set
*
* @return bool
*/
public function isRemoteUser()
{
return (count($this->remoteUserInformation)) ? true : false;
}
} }