MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: [customauth] default setting for use_header_namespace should adhere to what is displayed (true) 

- as requested by the MELiCERTES consortium for CSP
pull/5148/head
iglocska 2019-09-11 09:28:45 +02:00
parent 8a8ac9852c
commit 290a92808d
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
app/Controller/AppController.php
View File

@ -926,7 +926,14 @@ class AppController extends Controller
if (Configure::read('Plugin.CustomAuth_enable')) {
$header = Configure::read('Plugin.CustomAuth_header') ? Configure::read('Plugin.CustomAuth_header') : 'Authorization';
$authName = Configure::read('Plugin.CustomAuth_name') ? Configure::read('Plugin.CustomAuth_name') : 'External authentication';
$headerNamespace = Configure::read('Plugin.CustomAuth_use_header_namespace') ? (Configure::read('Plugin.CustomAuth_header_namespace') ? Configure::read('Plugin.CustomAuth_header_namespace') : 'HTTP_') : '';
if (
!Configure::check('Plugin.CustomAuth_use_header_namespace') ||
(Configure::check('Plugin.CustomAuth_use_header_namespace') && Configure::read('Plugin.CustomAuth_use_header_namespace'))
) {
$headerNamespace = Configure::read('Plugin.CustomAuth_header_namespace');
} else {
$headerNamespace = '';
}
if (isset($server[$headerNamespace . $header]) && !empty($server[$headerNamespace . $header])) {
if (Configure::read('Plugin.CustomAuth_only_allow_source') && Configure::read('Plugin.CustomAuth_only_allow_source') !== $server['REMOTE_ADDR']) {
$this->Log = ClassRegistry::init('Log');