aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private
diff options
context:
space:
mode:
Diffstat (limited to 'lib/private')
-rw-r--r--lib/private/connector/sabre/auth.php9
1 files changed, 6 insertions, 3 deletions
diff --git a/lib/private/connector/sabre/auth.php b/lib/private/connector/sabre/auth.php
index 533d250d68e..ba2e7d6327b 100644
--- a/lib/private/connector/sabre/auth.php
+++ b/lib/private/connector/sabre/auth.php
@@ -52,7 +52,7 @@ class OC_Connector_Sabre_Auth extends \Sabre\DAV\Auth\Backend\AbstractBasic {
*/
protected function validateUserPass($username, $password) {
if (OC_User::isLoggedIn() &&
- $this->isDavAuthenticated($username)
+ $this->isDavAuthenticated(OC_User::getUser())
) {
OC_Util::setupFS(OC_User::getUser());
\OC::$server->getSession()->close();
@@ -60,8 +60,11 @@ class OC_Connector_Sabre_Auth extends \Sabre\DAV\Auth\Backend\AbstractBasic {
} else {
OC_Util::setUpFS(); //login hooks may need early access to the filesystem
if(OC_User::login($username, $password)) {
- OC_Util::setUpFS(OC_User::getUser());
- \OC::$server->getSession()->set(self::DAV_AUTHENTICATED, $username);
+ // make sure we use owncloud's internal username here
+ // and not the HTTP auth supplied one, see issue #14048
+ $ocUser = OC_User::getUser();
+ OC_Util::setUpFS($ocUser);
+ \OC::$server->getSession()->set(self::DAV_AUTHENTICATED, $ocUser);
\OC::$server->getSession()->close();
return true;
} else {
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-08 11:00:25 +0000