diff options
| -rwxr-xr-x | config/config.sample.php | 3 | ||||
| -rw-r--r-- | lib/base.php | 3 |
2 files changed, 5 insertions, 1 deletions
diff --git a/config/config.sample.php b/config/config.sample.php index 9c5eca8a5ec..987a866e49b 100755 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -178,6 +178,9 @@ $CONFIG = array( /* Enable or disable the logging of IP addresses in case of webform auth failures */ "log_authfailip" => false, +/* Whether http-basic username must equal username to login */ +"basic_auth" => true, + /* * Configure the size in bytes log rotation should happen, 0 or false disables the rotation. * This rotates the current owncloud logfile to a new name, this way the total log usage diff --git a/lib/base.php b/lib/base.php index 49cbb1279d1..351b91b7dfa 100644 --- a/lib/base.php +++ b/lib/base.php @@ -554,7 +554,8 @@ class OC { OC_User::useBackend(new OC_User_Database()); OC_Group::useBackend(new OC_Group_Database()); - if (isset($_SERVER['PHP_AUTH_USER']) && self::$session->exists('loginname') + $basic_auth = OC_Config::getValue('basic_auth', true); + if ($basic_auth && isset($_SERVER['PHP_AUTH_USER']) && self::$session->exists('loginname') && $_SERVER['PHP_AUTH_USER'] !== self::$session->get('loginname')) { $sessionUser = self::$session->get('loginname'); $serverUser = $_SERVER['PHP_AUTH_USER']; |