diff options
| author | Christian Seiler <christian@iwakd.de> | 2015-02-16 23:34:49 +0100 |
|---|---|---|
| committer | Christian Seiler <christian@iwakd.de> | 2015-02-16 23:34:49 +0100 |
| commit | 1377ebc7e9b9a5bed36b5a1ca8da2c6ef35eb74a (patch) | |
| tree | b46f1a0e2cc2be2d45363e606f2ca1317e8d5e0c | |
| parent | 7f624188a77534856ecd53ac1d303ce5358e681e (diff) | |
| download | nextcloud-server-1377ebc7e9b9a5bed36b5a1ca8da2c6ef35eb74a.tar.gz nextcloud-server-1377ebc7e9b9a5bed36b5a1ca8da2c6ef35eb74a.zip | |
DAV authentication: use Owncloud's internal user instead of HTTP-supplied one
Fixes: #14048, #14104, calendar#712
| -rw-r--r-- | lib/private/connector/sabre/auth.php | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/lib/private/connector/sabre/auth.php b/lib/private/connector/sabre/auth.php index 533d250d68e..6f7c429fd38 100644 --- a/lib/private/connector/sabre/auth.php +++ b/lib/private/connector/sabre/auth.php @@ -60,8 +60,11 @@ class OC_Connector_Sabre_Auth extends \Sabre\DAV\Auth\Backend\AbstractBasic { } else { OC_Util::setUpFS(); //login hooks may need early access to the filesystem if(OC_User::login($username, $password)) { - OC_Util::setUpFS(OC_User::getUser()); - \OC::$server->getSession()->set(self::DAV_AUTHENTICATED, $username); + // make sure we use owncloud's internal username here + // and not the HTTP auth supplied one, see issue #14048 + $ocUser = OC_User::getUser(); + OC_Util::setUpFS($ocUser); + \OC::$server->getSession()->set(self::DAV_AUTHENTICATED, $ocUser); \OC::$server->getSession()->close(); return true; } else { |