Config to disable basic_auth username chacking

This can be confusing and/or annoying

diff --git a/config/config.sample.php b/config/config.sample.php
index 9c5eca8a5ec46353707d807ec46b06534500a11e..987a866e49beeb906ab2df44e2ee5d2dbcf296b9 100755 (executable)
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -178,6 +178,9 @@ $CONFIG = array(
 /* Enable or disable the logging of IP addresses in case of webform auth failures */
 "log_authfailip" => false,
 
+/* Whether http-basic username must equal username to login */
+"basic_auth" => true,
+
 /*
  * Configure the size in bytes log rotation should happen, 0 or false disables the rotation.
  * This rotates the current owncloud logfile to a new name, this way the total log usage

diff --git a/lib/base.php b/lib/base.php
index 49cbb1279d11acfb77d5a04278a8304253b8d136..351b91b7dfa2d145fdffbb364a2785e9710db068 100644 (file)
--- a/lib/base.php
+++ b/lib/base.php
@@ -554,7 +554,8 @@ class OC {
                OC_User::useBackend(new OC_User_Database());
                OC_Group::useBackend(new OC_Group_Database());
 
-               if (isset($_SERVER['PHP_AUTH_USER']) && self::$session->exists('loginname')
+               $basic_auth = OC_Config::getValue('basic_auth', true);
+               if ($basic_auth && isset($_SERVER['PHP_AUTH_USER']) && self::$session->exists('loginname')
                        && $_SERVER['PHP_AUTH_USER'] !== self::$session->get('loginname')) {
                        $sessionUser = self::$session->get('loginname');
                        $serverUser = $_SERVER['PHP_AUTH_USER'];