extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-08 00:54:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

* WebDAV/CalDAV/CardDAV: fixed basic authentication via redirect-rule to use $_SERVER["REDIRECT_HTTP_AUTHORIZATION"] as it is used by newer Apache versions

Browse Source
This commit is contained in:
Ralf Becker 2013-07-15 11:06:45 +00:00
parent 014d5cd416
commit 5f74357963
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
phpgwapi/inc/class.egw_digest_auth.inc.php
View File

@ -8,6 +8,7 @@
* RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
*
* Otherwise authentication request will be send over and over again, as password is NOT available to PHP!
* (This makes authentication details available in PHP as $_SERVER['REDIRECT_HTTP_AUTHORIZATION']
*
* @link http://www.egroupware.org
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
@ -80,9 +81,9 @@ class egw_digest_auth
$username = $_SERVER['PHP_AUTH_USER']; $password = $_SERVER['PHP_AUTH_PW'];
// Support for basic auth when using PHP CGI (what about digest auth?)
if (!isset($username) && !empty($_SERVER['Authorization']) && strpos($_SERVER['Authorization'],'Basic ') === 0)
if (!isset($username) && !empty($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && strpos($_SERVER['REDIRECT_HTTP_AUTHORIZATION'],'Basic ') === 0)
{
$hash = base64_decode(substr($_SERVER['Authorization'],6));
$hash = base64_decode(substr($_SERVER['REDIRECT_HTTP_AUTHORIZATION'],6));
if (strpos($hash, ':') !== false)
{
list($username, $password) = explode(':', $hash, 2);