From 028b683b3659090898b333de368ccfd0146d5b65 Mon Sep 17 00:00:00 2001 From: Alberto Zigoni Date: Tue, 19 Oct 2010 12:14:33 +0200 Subject: [PATCH] patch for HTTP_AUTH and web services --- api/soap/mc_api.php | 10 +++++++++- core/authentication_api.php | 18 ++++++++++++++++-- 2 files changed, 25 insertions(+), 3 deletions(-) diff --git a/api/soap/mc_api.php b/api/soap/mc_api.php index bcd8cc4..2d0f999 100644 --- a/api/soap/mc_api.php +++ b/api/soap/mc_api.php @@ -36,12 +36,20 @@ function mci_is_mantis_offline() { # return user_id if successful, otherwise false. function mci_check_login( $p_username, $p_password ) { + + # Alberto Zigoni: patch for HTTP authentication + $t_login_method = config_get( 'login_method' ); + if(HTTP_AUTH == $t_login_method) { + $p_username = auth_prepare_username(''); + } + # End patch + if( mci_is_mantis_offline() ) { return false; } # if no user name supplied, then attempt to login as anonymous user. - if( is_blank( $p_username ) ) { + if( is_blank( $p_username )) { $t_anon_allowed = config_get( 'allow_anonymous_login' ); if( OFF == $t_anon_allowed ) { return false; diff --git a/core/authentication_api.php b/core/authentication_api.php index 32961f1..b81a5ea 100644 --- a/core/authentication_api.php +++ b/core/authentication_api.php @@ -112,6 +112,16 @@ function auth_prepare_username( $p_username ) { break; case HTTP_AUTH: if( !auth_http_is_logout_pending() ) { + /* Patch for HTTP authentication + * Add these two variables in config_inc.php + * $g_login_method = HTTP_AUTH; + * $g_sso_user_regex = '/^(.*)@$/i'; + */ + if (isset($_SERVER['REMOTE_USER'])) { + preg_match(config_get('sso_user_regex'), $_SERVER['REMOTE_USER'], $user_match); + $f_username = $user_match[1]; + } + /* End patch */ if( isset( $_SERVER['PHP_AUTH_USER'] ) ) { $f_username = $_SERVER['PHP_AUTH_USER']; } 
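Review bot: In `mci_check_login` (api/soap/mc_api.php) the new HTTP_AUTH branch discards the caller-supplied `$p_username` and never checks what `auth_prepare_username('')` returned. A SOAP request that carries no server-side identity therefore drops into the `is_blank( $p_username )` anonymous branch below, which may not be what an HTTP_AUTH deployment wants. I would reject an empty result inside the new branch with `if( is_blank( $p_username ) ) { return false; }`, and add a comment that api/soap must sit behind the same web-server authentication as the UI. The `# Alberto Zigoni` / `# End patch` markers belong in the commit message, and the `is_blank( $p_username ))` spacing change is unrelated noise. The function body continues past the end of the hunk.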
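Review bot: In the HTTP_AUTH case of `auth_prepare_username` (core/authentication_api.php) the result of `preg_match()` is not checked, so a `REMOTE_USER` that does not match `sso_user_regex`, or a regex without a capture group, makes `$user_match[1]` an undefined index. The unchanged `PHP_AUTH_USER` test that follows still runs and overwrites the name just derived from `REMOTE_USER`, so the less trustworthy variable wins when both are set. The patch adds no default for `sso_user_regex`, and the sample in the comment, `'/^(.*)@$/i'`, only matches values that end in `@`, which is presumably a typo. The local should use the file's `$t_` prefix, and the enclosing function starts and ends outside the hunk.

```php
# ... unchanged: case HTTP_AUTH / auth_http_is_logout_pending() test ...
if( isset( $_SERVER['REMOTE_USER'] ) ) {
	# Identity asserted by the web server; accept it only if the configured
	# pattern matches and yields a captured user name.
	$t_regex = config_get( 'sso_user_regex' );
	if( 1 === preg_match( $t_regex, $_SERVER['REMOTE_USER'], $t_match ) && isset( $t_match[1] ) ) {
		$f_username = $t_match[1];
	}
} else if( isset( $_SERVER['PHP_AUTH_USER'] ) ) {
	$f_username = $_SERVER['PHP_AUTH_USER'];
}
```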
@@ -144,6 +154,9 @@ function auth_prepare_password( $p_password ) { break; case HTTP_AUTH: if( !auth_http_is_logout_pending() ) { + if (isset($_SERVER['REMOTE_USER'])) { # $_SERVER['AUTH_TYPE'] == 'Negotiate' ) + $f_password = ''; + } /* this will never get hit - see auth_prepare_username */ if( isset( $_SERVER['PHP_AUTH_PW'] ) ) { @@ -226,7 +239,8 @@ function auth_attempt_login( $p_username, $p_password, $p_perm_login = false ) { if( !user_is_anonymous( $t_user_id ) ) { # anonymous login didn't work, so check the password - if( !auth_does_password_match( $t_user_id, $p_password ) ) { + # if( !auth_does_password_match( $t_user_id, $p_password ) ) { + if ( HTTP_AUTH != $t_login_method && !auth_does_password_match( $t_user_id, $p_password ) ) { user_increment_failed_login_count( $t_user_id ); return false; } @@ -778,7 +792,7 @@ function auth_get_current_user_id() { if( null !== $g_cache_current_user_id ) { return $g_cache_current_user_id; } - + $t_cookie_string = auth_get_current_user_cookie(); if( $t_result = user_search_cache( 'cookie_string', $t_cookie_string ) ) { -- 1.7.3.1
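Review bot: The added `REMOTE_USER` branch in `auth_prepare_password` carries a leftover fragment, `# $_SERVER['AUTH_TYPE'] == 'Negotiate' )`, that reads like half of an abandoned condition and gives no reason for the empty password. I would replace it with a comment such as `# identity was established by the web server (REMOTE_USER); no password is available to MantisBT here`. The existing `/* this will never get hit */` remark directly below should be updated too, since the unchanged `PHP_AUTH_PW` test after it can still overwrite the `''` assigned here. The function continues outside the hunk.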
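Review bot: In `auth_attempt_login` the new condition skips `auth_does_password_match()` for every non-anonymous account whenever `login_method` is HTTP_AUTH, whatever the source of `$p_username`. Nothing in the hunk ties the name to a server-authenticated identity. It may be a plain function argument, or it may come from `PHP_AUTH_USER`, which PHP takes from the request's Authorization header and which is only trustworthy when the web server enforces authentication on that path. The bypass should at least require the server-set variable, e.g. `$t_sso = HTTP_AUTH == $t_login_method && isset( $_SERVER['REMOTE_USER'] );` followed by `if( !$t_sso && !auth_does_password_match( $t_user_id, $p_password ) ) {`, and should ideally also compare the prepared `REMOTE_USER` name with `$p_username`. The commented-out old `if` should be deleted rather than kept. `$t_login_method` is not assigned inside the hunk, so confirm it is set earlier in the function.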