mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-22 23:00:56 +01:00
* CalDAV/CardDAV: send unchange REALM for "bad login or password" to allow storing credentials
This commit is contained in:
parent
9ce8140aa1
commit
dc84982a55
@ -109,8 +109,12 @@ class Authenticate
|
|||||||
if (!isset($username) || !($sessionid = $GLOBALS['egw']->session->create($username, $password, 'text', true)))
|
if (!isset($username) || !($sessionid = $GLOBALS['egw']->session->create($username, $password, 'text', true)))
|
||||||
{
|
{
|
||||||
// if the session class gives a reason why the login failed --> append it to the REALM
|
// if the session class gives a reason why the login failed --> append it to the REALM
|
||||||
if ($GLOBALS['egw']->session->reason) $realm .= ': '.$GLOBALS['egw']->session->reason;
|
if ($GLOBALS['egw']->session->reason &&
|
||||||
|
// not for bad-login-or-password as it stalls storing the credentials!
|
||||||
|
$GLOBALS['egw']->session->cd_reason != Api\Session::CD_BAD_LOGIN_OR_PASSWORD)
|
||||||
|
{
|
||||||
|
$realm .= ': '.$GLOBALS['egw']->session->reason;
|
||||||
|
}
|
||||||
header('WWW-Authenticate: Basic realm="'.$realm.'"');// draft-reschke-basicauth-enc-06 adds, accept-charset="'.translation::charset().'"');
|
header('WWW-Authenticate: Basic realm="'.$realm.'"');// draft-reschke-basicauth-enc-06 adds, accept-charset="'.translation::charset().'"');
|
||||||
self::digest_header($realm);
|
self::digest_header($realm);
|
||||||
header('HTTP/1.1 401 Unauthorized');
|
header('HTTP/1.1 401 Unauthorized');
|
||||||
|
Loading…
Reference in New Issue
Block a user