holm/egroupware
1
1
Fork 0
forked from extern/egroupware
Code Issues Pull Requests Packages Projects Releases Wiki Activity

"reverted SyncML part of my NTLM commit from yesterday, as it breaks SyncML: session::verify() is necessary to restore the eGW session (it's NOT used to verify the session)"

Browse Source
This commit is contained in:
Ralf Becker 2008-07-17 05:51:46 +00:00
parent b5c28fba48
commit 9374ade6f5
1 changed files with 6 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
phpgwapi/inc/horde/Horde/SyncML/State_egw.php
View File

@ -246,27 +246,27 @@ class EGW_SyncML_State extends Horde_SyncML_State
function isAuthorized()
{
if (!$this->_isAuthorized)
if (!$this->_isAuthorized)
{
if(!isset($this->_locName) && !isset($this->_password))
{
Horde::logMessage('SyncML: Authentication not yet possible currently. Username and password not available' , __FILE__, __LINE__, PEAR_LOG_DEBUG);
return FALSE;
}
if(!isset($this->_password))
{
Horde::logMessage('SyncML: Authentication not yet possible currently. Password not available' , __FILE__, __LINE__, PEAR_LOG_DEBUG);
return FALSE;
}
if(strpos($this->_locName,'@') === False)
{
$this->_locName .= '@'.$GLOBALS['egw_info']['server']['default_domain'];
}
#Horde::logMessage('SyncML: authenticate with username: ' . $this->_locName . ' and password: ' . $this->_password, __FILE__, __LINE__, PEAR_LOG_DEBUG);
if($GLOBALS['sessionid'] = $GLOBALS['egw']->session->create($this->_locName,$this->_password,'text'))
{
$this->_isAuthorized = true;
@ -278,12 +278,6 @@ class EGW_SyncML_State extends Horde_SyncML_State
Horde::logMessage('SyncML: Authentication of ' . $this->_locName . ' failed' , __FILE__, __LINE__, PEAR_LOG_INFO);
}
}
/*
* RalfBecker 2008-07-16: commented out, as return value is NOT used anyway
* It is not a security problem, as without a valid SyncML session
* one is created anyway. The horde SyncML codes handles that on it's own.
* Leaving it in gives problems with NTLM auth, as verify redirects there.
*
else
{
// store sessionID in a variable, because ->verify maybe resets that value
@ -291,7 +285,7 @@ class EGW_SyncML_State extends Horde_SyncML_State
if(!$GLOBALS['egw']->session->verify($sessionID, 'staticsyncmlkp3')) {
Horde::logMessage('SyncML_EGW: egw session(' .$sessionID. ') not verified ' , __FILE__, __LINE__, PEAR_LOG_DEBUG);
}
}*/
}
return $this->_isAuthorized;
}