tags 656395 + patch stop Hey Andrew.
The following patch should solve this. But please double check the code :) Chris.
* Should add support for the environment variable “REDIRECT_REMOTE_USER”
which the Apache HTTPD Server sets instead of the environment variable
“REMOTE_USER” when a redirect was made.
--- a/inc/HTTPAuthSession.php
+++ b/inc/HTTPAuthSession.php
@@ -112,7 +112,8 @@
}
}
else if ( isset($c->authenticate_hook['server_auth_type'])
- && isset($_SERVER["REMOTE_USER"]) && !empty($_SERVER["REMOTE_USER"])) {
+ && ( isset($_SERVER["REMOTE_USER"]) && !empty($_SERVER["REMOTE_USER"]) ) ||
+ ( isset($_SERVER["REDIRECT_REMOTE_USER"]) && !empty($_SERVER["REDIRECT_REMOTE_USER"]) ) ) {
if ( ( is_array($c->authenticate_hook['server_auth_type'])
&& in_array($_SERVER['AUTH_TYPE'], $c->authenticate_hook['server_auth_type']) )
||
@@ -122,7 +123,10 @@
/**
* The authentication has happened in the server, and we should accept it.
*/
- $_SERVER['PHP_AUTH_USER'] = $_SERVER['REMOTE_USER'];
+ if (isset($_SERVER["REMOTE_USER"]))
+ $_SERVER['PHP_AUTH_USER'] = $_SERVER['REMOTE_USER'];
+ else
+ $_SERVER['PHP_AUTH_USER'] = $_SERVER['REDIRECT_REMOTE_USER'];
$_SERVER['PHP_AUTH_PW'] = 'Externally Authenticated';
if ( ! isset($c->authenticate_hook['call']) ) {
/**
--- a/inc/drivers_ldap.php
+++ b/inc/drivers_ldap.php
@@ -205,9 +205,16 @@
$dnUser = ldap_get_dn($this->connect, ldap_first_entry($this->connect,$entry));
if ( isset($c->authenticate_hook['config']['i_use_mode_kerberos']) && $c->authenticate_hook['config']['i_use_mode_kerberos'] == "i_know_what_i_am_doing") {
- dbg_error_log( "LOG", "drivers_ldap : Skipping password Check for user %s which should be the same as %s",$username , $_SERVER["REMOTE_USER"]);
- if ($username != $_SERVER["REMOTE_USER"]) {
- return false;
+ if (isset($_SERVER["REMOTE_USER"])) {
+ dbg_error_log( "LOG", "drivers_ldap : Skipping password Check for user %s which should be the same as %s",$username , $_SERVER["REMOTE_USER"]);
+ if ($username != $_SERVER["REMOTE_USER"]) {
+ return false;
+ }
+ } else {
+ dbg_error_log( "LOG", "drivers_ldap : Skipping password Check for user %s which should be the same as %s",$username , $_SERVER["REDIRECT_REMOTE_USER"]);
+ if ($username != $_SERVER["REDIRECT_REMOTE_USER"]) {
+ return false;
+ }
}
}
else if ( empty($passwd) || preg_match('/[\x00-\x19]/',$passwd) ) {
smime.p7s
Description: S/MIME cryptographic signature

