Commit 476579b9 authored by Lukas Reschke

Fix WebDAV auth for session authentication only

\Sabre\DAV\Auth\Backend\AbstractBasic::authenticate was only calling \OC_Connector_Sabre_Auth::validateUserPass when the response of \Sabre\HTTP\BasicAuth::getUserPass was not null.

However, there is a case where the value can be null and the user could be authenticated anyways: The authentication via ownCloud web-interface and then accessing WebDAV resources. This was not possible anymore with this patch because it never reached the code path in this scenario.

This patch allows authenticating with a session without isDavAuthenticated value stored (this is for ugly WebDAV clients that send the cookie in any case) and thus the functionality should work again.

To test this go to the admin settings and test if the WebDAV check works fine. Furthermore all the usual stuff (WebDAV / Shibboleth / etc...) needs testing as well.
parent 2ac01525
...@@ -101,7 +101,6 @@ class OC_Connector_Sabre_Auth extends \Sabre\DAV\Auth\Backend\AbstractBasic { ...@@ -101,7 +101,6 @@ class OC_Connector_Sabre_Auth extends \Sabre\DAV\Auth\Backend\AbstractBasic {
public function authenticate(\Sabre\DAV\Server $server, $realm) { public function authenticate(\Sabre\DAV\Server $server, $realm) {
$result = $this->auth($server, $realm); $result = $this->auth($server, $realm);
return $result; return $result;
} }
...@@ -111,10 +110,13 @@ class OC_Connector_Sabre_Auth extends \Sabre\DAV\Auth\Backend\AbstractBasic { ...@@ -111,10 +110,13 @@ class OC_Connector_Sabre_Auth extends \Sabre\DAV\Auth\Backend\AbstractBasic {
* @return bool * @return bool
*/ */
private function auth(\Sabre\DAV\Server $server, $realm) { private function auth(\Sabre\DAV\Server $server, $realm) {
if (OC_User::handleApacheAuth()) { if (OC_User::handleApacheAuth() ||
(OC_User::isLoggedIn() && is_null(\OC::$server->getSession()->get(self::DAV_AUTHENTICATED)))
) {
$user = OC_User::getUser(); $user = OC_User::getUser();
OC_Util::setupFS($user); OC_Util::setupFS($user);
$this->currentUser = $user; $this->currentUser = $user;
\OC::$server->getSession()->close();
return true; return true;
} }
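Review bot: In the new `OC_User::isLoggedIn() && is_null(\OC::$server->getSession()->get(self::DAV_AUTHENTICATED))` branch of the `if`, a request is accepted on the strength of the web session cookie alone, and nothing in this hunk checks a request token or where the request came from. WebDAV includes state-changing methods, so please confirm that cross-site requests are rejected elsewhere before this path returns true, or add that check here. Two smaller points: the added `\OC::$server->getSession()->close()` also runs for the `handleApacheAuth()` case, which deserves a comment saying that this is intended, and the docblock above `auth()` should describe the session fallback and what a null `DAV_AUTHENTICATED` value means.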
......
...@@ -320,7 +320,7 @@ class OC_User { ...@@ -320,7 +320,7 @@ class OC_User {
* Tries to login the user with HTTP Basic Authentication * Tries to login the user with HTTP Basic Authentication
*/ */
public static function tryBasicAuthLogin() { public static function tryBasicAuthLogin() {
if(!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_USER'])) { if(!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
\OC_User::login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']); \OC_User::login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
} }
} }
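Review bot: The corrected condition `!empty($_SERVER['PHP_AUTH_PW'])` still relies on `empty()`, which treats the string "0" as empty, so a user name or password of "0" silently skips the `\OC_User::login()` call. Consider `isset()` combined with a `!== ''` comparison for both values. A regression test for a request that carries a user name but no password would also keep the duplicated-key typo from coming back.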
......