So that authentication can suspend it. There are cases,
e.g. cube, where authentication is required in run.php.
During bootstrapping loading modules is mostly required
to load libraries, register routes and hooks. Most of the
time authentication is not required for these, but if
it is, evaluation is now interrupted and continued
after authentication has actually been performed.
I don't see a real risk for any breaking change here,
since authentication happens shortly after. It actually
avoids a breaking change, since without this, cube's
Icinga DB support would break or at least malfunction.
And cube is only a single example.
refs #5265
Since authentication is now performed even for static
resources, there's no reason anymore to support implicit
authentication. This also limits authentication attempts
to a single one, previously failed attempts were repeated.
Requiring authentication during bootstrapping, i.e. before
authentication has been performed, will now trigger a
deprecation notice.
refs #5265
It is nowadays no exception that stylesheet may be dependent
on who's using the app. So to avoid race conditions like
in #5385 authentication is an explicit step during bootstrap
now.
fixes#5385
Providing a user or user group backend in configuration.php
now has no effect anymore. They are expected to be announced
in run.php, just like hooks. A warning appears in the log
for cases where a configuration.php still attempts it. Should
help with troubleshooting since it will appear after an error
that a specific backend has not been found.
refs #5265
in ApplicationBootstrap#setupErrorHandling(). In webrouter.php disable
them unconditionally (until ApplicationBootstrap#setupErrorHandling())
not to duplicate the check. ApplicationBootstrap#setupErrorHandling())
is called pretty early, so we won't miss much.
fixes#5117
* In addition, this provides #5269 and mitigates #5152 in production
where ICINGAWEB_ENVIRONMENT isn't set.
For mysql it's just enough to check whether the privileges are granted
at database or table label, but for PostgreSQL it's necessary that the
privileges are granted at database and at table level.
W/o this the login page, if on PHP 8.2, says:
Deprecated: Creation of dynamic property Icinga\Application\Modules\Module::$configdir is deprecated in /usr/share/icingaweb2/library/Icinga/Application/Modules/Module.php on line 264
This breaks modules (if any) which use the property and not the getter.
