Fixes login / logout when HTTP Basic Headers are avilable.
authorjosh4trunks <joshruehlig@gmail.com>
Mon, 24 Mar 2014 02:29:03 +0000 (19:29 -0700)
committerjosh4trunks <joshruehlig@gmail.com>
Fri, 4 Apr 2014 05:12:57 +0000 (22:12 -0700)
config/config.sample.php
lib/base.php

index adcc175e2fae886746d80100523c33db232d115f..8430b8d6539d5eb59642dcf1d90a7090938f115a 100755 (executable)
@@ -178,12 +178,12 @@ $CONFIG = array(
 /* Enable or disable the logging of IP addresses in case of webform auth failures */
 "log_authfailip" => false,
 
+<<<<<<< HEAD
 /* Whether ownCloud should log the last successfull cron exec */
 "cron_log" => true,
 
-/* Whether http-basic username must equal username to login */
-"basic_auth" => true,
-
+=======
+>>>>>>> Fixes login / logout when HTTP Basic Headers are avilable.
 /*
  * Configure the size in bytes log rotation should happen, 0 or false disables the rotation.
  * This rotates the current owncloud logfile to a new name, this way the total log usage
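Review bot: The added lines `<<<<<<< HEAD`, `=======` and `>>>>>>> Fixes login / logout when HTTP Basic Headers are avilable.` are unresolved merge-conflict markers committed inside the `$CONFIG = array(` literal, so the sample file no longer parses as PHP and anyone who copies it to a live config gets a broken install. Delete those three lines so the hunk only removes the `basic_auth` entry and its comment. The commit description could also say that `basic_auth` is no longer read, since existing configs that still set it would silently have no effect (inferred from the removal of `OC_Config::getValue('basic_auth', true)` in lib/base.php). The array literal starts and ends outside this hunk.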
index 15a3ec8bc8aca22dce7af30dca55b9bf60989c06..2141695a93d6f1ff0eea68440270619fce3ae525 100644 (file)
@@ -538,17 +538,6 @@ class OC {
                OC_User::useBackend(new OC_User_Database());
                OC_Group::useBackend(new OC_Group_Database());
 
-               $basic_auth = OC_Config::getValue('basic_auth', true);
-               if ($basic_auth && isset($_SERVER['PHP_AUTH_USER']) && self::$session->exists('loginname')
-                       && $_SERVER['PHP_AUTH_USER'] !== self::$session->get('loginname')) {
-                       $sessionUser = self::$session->get('loginname');
-                       $serverUser = $_SERVER['PHP_AUTH_USER'];
-                       OC_Log::write('core',
-                               "Session loginname ($sessionUser) doesn't match SERVER[PHP_AUTH_USER] ($serverUser).",
-                               OC_Log::WARN);
-                       OC_User::logout();
-               }
-
                // Load minimum set of apps - which is filesystem, authentication and logging
                if (!self::checkUpgrade(false)) {
                        OC_App::loadApps(array('authentication'));
@@ -697,8 +686,10 @@ class OC {
                        self::checkUpgrade();
                }
 
-               // Test it the user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP
-               OC::tryBasicAuthLogin();
+               if (!OC_User::isLoggedIn()) {
+                       // Test it the user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP
+                       OC::tryBasicAuthLogin();
+               }
 
                if (!self::$CLI and (!isset($_GET["logout"]) or ($_GET["logout"] !== 'true'))) {
                        try {
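Review bot: The new `if (!OC_User::isLoggedIn())` guard has no comment saying that an existing session now takes precedence over the HTTP Basic identity. Together with the removal of the `basic_auth` mismatch block earlier in this file, nothing in the visible hunks logs or re-checks the case where `PHP_AUTH_USER` differs from the session user. Suggest stating the intent above the guard, e.g. `// An existing session wins over HTTP Basic headers; the header user is only consulted when nobody is logged in.` The existing comment's "Test it the user" should read "Test if the user". The enclosing method starts and ends outside this hunk.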
@@ -749,6 +740,16 @@ class OC {
                                if (isset($_COOKIE['oc_token'])) {
                                        OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
                                }
+                               if (isset($_SERVER['PHP_AUTH_USER'])) {
+                                       $cookie_path = OC::$WEBROOT ? : '/';
+                                       if (isset($_COOKIE['oc_ignore_php_auth_user'])) {
+                                               // Ignore HTTP Authentication for 5 more mintues.
+                                               setcookie('oc_ignore_php_auth_user', '', time() + 300, $cookie_path);
+                                       } else {
+                                               // Ignore HTTP Aunthentication to allow a different user to log in.
+                                               setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], 0, $cookie_path);
+                                       }
+                               }
                                OC_User::logout();
                                // redirect to webroot and add slash if webroot is empty
                                header("Location: " . OC::$WEBROOT.(empty(OC::$WEBROOT) ? '/' : ''));
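Review bot: The `isset($_COOKIE['oc_ignore_php_auth_user'])` branch does not do what its comment says. PHP's `setcookie()` treats an empty value as a request to delete the cookie, and an empty value could never satisfy the `=== $_SERVER['PHP_AUTH_USER']` test added in `tryBasicAuthLogin()`, so a second logout appears to end the ignore rather than extend it by five minutes. If the extension is intended, re-send the user name, e.g. `setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], time() + 300, $cookie_path);`; otherwise reword the comment to say the marker is cleared. Both calls also omit the `httponly` argument (and `secure` on HTTPS), which leaves the account name in a cookie readable by page scripts. The surrounding logout block starts and ends outside this hunk.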
@@ -914,6 +915,7 @@ class OC {
        protected static function tryBasicAuthLogin() {
                if (!isset($_SERVER["PHP_AUTH_USER"])
                        || !isset($_SERVER["PHP_AUTH_PW"])
+                       || (isset($_COOKIE['oc_ignore_php_auth_user']) && $_COOKIE['oc_ignore_php_auth_user'] === $_SERVER['PHP_AUTH_USER'])
                ) {
                        return false;
                }
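Review bot: The added condition in `tryBasicAuthLogin()` lets a request cookie decide whether Basic credentials are honoured, and nothing on the line says why that is safe. It is safe only because a match can suppress the automatic login and never grant one. That invariant deserves a comment, e.g. `// Logout marker: skip Basic auto-login for this same user only; the cookie is client-controlled and must never be used to grant access.` The line is also much longer than its neighbours; breaking it after `&&` would match the wrapping of the two `isset` checks above it. The function body continues past the end of this hunk.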