[icinga-checkins] icinga.org: icinga-web/next: Making authorization case sensitiv is broken

git at icinga.org git at icinga.org
Tue Apr 23 15:28:06 CEST 2013


Module: icinga-web
Branch: next
Commit: d6cce96461ab3fa920c38b23200c49c25aab7905
URL:    https://git.icinga.org/?p=icinga-web.git;a=commit;h=d6cce96461ab3fa920c38b23200c49c25aab7905

Author: Marius Hein <marius.hein at netways.de>
Date:   Tue Apr 23 15:27:15 2013 +0200

Making authorization case sensitiv is broken

Test configuration before converting all usernames to
lowercase. Patch applied from dirk götz. Thanks
for that.

fixes #3714

---

 .../HTTPBasicAuthenticationModel.class.php         |    7 ++++++-
 doc/THANKS                                         |    1 +
 2 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/app/modules/AppKit/models/Auth/Provider/HTTPBasicAuthenticationModel.class.php b/app/modules/AppKit/models/Auth/Provider/HTTPBasicAuthenticationModel.class.php
index 9ed8205..6bf5091 100644
--- a/app/modules/AppKit/models/Auth/Provider/HTTPBasicAuthenticationModel.class.php
+++ b/app/modules/AppKit/models/Auth/Provider/HTTPBasicAuthenticationModel.class.php
@@ -169,7 +169,12 @@ class AppKit_Auth_Provider_HTTPBasicAuthenticationModel extends AppKitAuthProvid
 
             if ($search_value !== null) {
                 if ($class_target == 'auth_name') {
-                    $search_value = strtolower($search_value);
+
+                    // Fixes mixed auth models (case-sensitive and case-insensitive)
+                    // see #3714 (Thanks dirk)
+                    if ($this->getParameter('auth_lowercase_username',false) == true) {
+                        $search_value = strtolower($search_value);
+                    }
 
                     if ($strip = strtolower($this->getParameter('auth_strip_domain', ''))) {
                         $m = '~@' . preg_quote($strip, '~') . '~';
diff --git a/doc/THANKS b/doc/THANKS
index 7303b73..fa92d89 100644
--- a/doc/THANKS
+++ b/doc/THANKS
@@ -32,6 +32,7 @@ name, please let us know.
     * Thorsten Fohrer
     * Max Stephan
     * shiftycent
+    * Dirk Götz
 
 * Design stuff
     * Karolina Hein





More information about the icinga-checkins mailing list