Fixes login / logout when HTTP Basic Headers are avilable.
parent
bf7624fb25
commit
4ddf5d92f2
|
@ -178,12 +178,12 @@ $CONFIG = array(
|
||||||
/* Enable or disable the logging of IP addresses in case of webform auth failures */
|
/* Enable or disable the logging of IP addresses in case of webform auth failures */
|
||||||
"log_authfailip" => false,
|
"log_authfailip" => false,
|
||||||
|
|
||||||
|
<<<<<<< HEAD
|
||||||
/* Whether ownCloud should log the last successfull cron exec */
|
/* Whether ownCloud should log the last successfull cron exec */
|
||||||
"cron_log" => true,
|
"cron_log" => true,
|
||||||
|
|
||||||
/* Whether http-basic username must equal username to login */
|
=======
|
||||||
"basic_auth" => true,
|
>>>>>>> Fixes login / logout when HTTP Basic Headers are avilable.
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Configure the size in bytes log rotation should happen, 0 or false disables the rotation.
|
* Configure the size in bytes log rotation should happen, 0 or false disables the rotation.
|
||||||
* This rotates the current owncloud logfile to a new name, this way the total log usage
|
* This rotates the current owncloud logfile to a new name, this way the total log usage
|
||||||
|
|
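Review bot: As rendered, the new side of this hunk carries the literal merge-conflict markers `<<<<<<< HEAD`, `=======` and `>>>>>>> Fixes login / logout when HTTP Basic Headers are avilable.` inside the `$CONFIG = array(` literal, so the file no longer parses as PHP and an administrator who copies it into a live configuration gets a broken install. The three marker lines should be deleted before this is merged. The `"basic_auth" => true,` entry and its comment disappear in the same hunk; that looks intended, since the lib/base.php section removes the `OC_Config::getValue('basic_auth', true)` read, but as far as this page shows an existing config that still sets the key would then have no effect, which is worth a line in the upgrade notes.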
28
lib/base.php
28
lib/base.php
|
@ -538,17 +538,6 @@ class OC {
|
||||||
OC_User::useBackend(new OC_User_Database());
|
OC_User::useBackend(new OC_User_Database());
|
||||||
OC_Group::useBackend(new OC_Group_Database());
|
OC_Group::useBackend(new OC_Group_Database());
|
||||||
|
|
||||||
$basic_auth = OC_Config::getValue('basic_auth', true);
|
|
||||||
if ($basic_auth && isset($_SERVER['PHP_AUTH_USER']) && self::$session->exists('loginname')
|
|
||||||
&& $_SERVER['PHP_AUTH_USER'] !== self::$session->get('loginname')) {
|
|
||||||
$sessionUser = self::$session->get('loginname');
|
|
||||||
$serverUser = $_SERVER['PHP_AUTH_USER'];
|
|
||||||
OC_Log::write('core',
|
|
||||||
"Session loginname ($sessionUser) doesn't match SERVER[PHP_AUTH_USER] ($serverUser).",
|
|
||||||
OC_Log::WARN);
|
|
||||||
OC_User::logout();
|
|
||||||
}
|
|
||||||
|
|
||||||
// Load minimum set of apps - which is filesystem, authentication and logging
|
// Load minimum set of apps - which is filesystem, authentication and logging
|
||||||
if (!self::checkUpgrade(false)) {
|
if (!self::checkUpgrade(false)) {
|
||||||
OC_App::loadApps(array('authentication'));
|
OC_App::loadApps(array('authentication'));
|
||||||
|
@ -697,8 +686,10 @@ class OC {
|
||||||
self::checkUpgrade();
|
self::checkUpgrade();
|
||||||
}
|
}
|
||||||
|
|
||||||
// Test it the user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP
|
if (!OC_User::isLoggedIn()) {
|
||||||
OC::tryBasicAuthLogin();
|
// Test it the user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP
|
||||||
|
OC::tryBasicAuthLogin();
|
||||||
|
}
|
||||||
|
|
||||||
if (!self::$CLI and (!isset($_GET["logout"]) or ($_GET["logout"] !== 'true'))) {
|
if (!self::$CLI and (!isset($_GET["logout"]) or ($_GET["logout"] !== 'true'))) {
|
||||||
try {
|
try {
|
||||||
|
@ -749,6 +740,16 @@ class OC {
|
||||||
if (isset($_COOKIE['oc_token'])) {
|
if (isset($_COOKIE['oc_token'])) {
|
||||||
OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
|
OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
|
||||||
}
|
}
|
||||||
|
if (isset($_SERVER['PHP_AUTH_USER'])) {
|
||||||
|
$cookie_path = OC::$WEBROOT ? : '/';
|
||||||
|
if (isset($_COOKIE['oc_ignore_php_auth_user'])) {
|
||||||
|
// Ignore HTTP Authentication for 5 more mintues.
|
||||||
|
setcookie('oc_ignore_php_auth_user', '', time() + 300, $cookie_path);
|
||||||
|
} else {
|
||||||
|
// Ignore HTTP Aunthentication to allow a different user to log in.
|
||||||
|
setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], 0, $cookie_path);
|
||||||
|
}
|
||||||
|
}
|
||||||
OC_User::logout();
|
OC_User::logout();
|
||||||
// redirect to webroot and add slash if webroot is empty
|
// redirect to webroot and add slash if webroot is empty
|
||||||
header("Location: " . OC::$WEBROOT.(empty(OC::$WEBROOT) ? '/' : ''));
|
header("Location: " . OC::$WEBROOT.(empty(OC::$WEBROOT) ? '/' : ''));
|
||||||
|
@ -914,6 +915,7 @@ class OC {
|
||||||
protected static function tryBasicAuthLogin() {
|
protected static function tryBasicAuthLogin() {
|
||||||
if (!isset($_SERVER["PHP_AUTH_USER"])
|
if (!isset($_SERVER["PHP_AUTH_USER"])
|
||||||
|| !isset($_SERVER["PHP_AUTH_PW"])
|
|| !isset($_SERVER["PHP_AUTH_PW"])
|
||||||
|
|| (isset($_COOKIE['oc_ignore_php_auth_user']) && $_COOKIE['oc_ignore_php_auth_user'] === $_SERVER['PHP_AUTH_USER'])
|
||||||
) {
|
) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
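Review bot: In the logout hunk (`@ -749,6 +740,16 @`), the branch taken when `oc_ignore_php_auth_user` is already present calls `setcookie('oc_ignore_php_auth_user', '', time() + 300, $cookie_path)`; PHP treats an empty value as a request to delete the cookie, so the five-minute lifetime named in the comment never applies and the next request that still carries Basic credentials passes the new guard in `tryBasicAuthLogin()` and is signed in again right after logging out. If the intent is to keep ignoring the header, resend the name: `setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], time() + 300, $cookie_path);`. Both `setcookie()` calls also leave the `secure` and `httponly` arguments at their defaults, so the login name is readable by page script and travels over plain HTTP; set `httponly` to true and `secure` whenever the request is HTTPS. The cookie is client-controlled, so it is only safe as an opt-out from automatic login, which is how it is used here; with the session/`PHP_AUTH_USER` mismatch check removed at `@ -538,17 +538,6 @`, a session and the Basic-auth identity can now differ without any log entry, and a comment at the logout branch should say that this is deliberate. The enclosing method bodies start outside these hunks, so this is based only on the lines shown.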