only use autologin with SSL certificate when AUTO_LOGIN is enabled, otherwise redirec...
authorAndrew Dolgov <fox@madoka.volgo-balt.ru>
Mon, 28 Mar 2011 09:03:43 +0000 (13:03 +0400)
committerAndrew Dolgov <fox@madoka.volgo-balt.ru>
Mon, 28 Mar 2011 09:03:43 +0000 (13:03 +0400)
config.php-dist
functions.php
login_form.php

index 26e8a02ffacc1863a065853f1ff702bbc03d7ba0..531ce20b325d02b8311f8db4c3785df7be7f6ef0 100644 (file)
        // used to integrate tt-rss with Apache's external authentication modules.
 
        define('AUTO_LOGIN', false);
-       // Set this to true if you use ALLOW_REMOTE_USER_AUTH and you want
-       // to skip the login form. If set to true, users won't be able to
-       // set application language and settings profile.
+       // Set this to true if you use ALLOW_REMOTE_USER_AUTH or client SSL
+       // certificate authentication and you want to skip the login form. 
+       // If set to true, users won't be able to set application language 
+       // and settings profile.
+       // Otherwise users will be redirected to login form with their login
+       // information pre-filled.
 
        define('LOCK_DIRECTORY', 'lock');
        // Directory for lockfiles, must be writable to the user you run
index dc162d7a904f7b98b8b2588e732105810b9263a0..974e2b9a85895ba0872fb5a368de93211d6d11d9 100644 (file)
                return "";
        }
 
-       function get_remote_user() {
-               $remote_user = "";
+       function get_remote_user($link) {
 
                if (defined('ALLOW_REMOTE_USER_AUTH') && ALLOW_REMOTE_USER_AUTH) {
-                       $remote_user = $_SERVER["REMOTE_USER"];
+                       return db_escape_string($_SERVER["REMOTE_USER"]);
                }
 
-               return db_escape_string($remote_user);
+               return db_escape_string(get_login_by_ssl_certificate($link));
        }
 
-       function get_remote_fakepass() {
-               if (get_remote_user())
+       function get_remote_fakepass($link) {
+               if (get_remote_user($link))
                        return "******";
                else
                        return "";
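Review bot: With ALLOW_REMOTE_USER_AUTH enabled, the new early return in get_remote_user() hands back the escaped `$_SERVER["REMOTE_USER"]` even when that key is empty or unset, so the certificate lookup on the function's last line is never reached. The fallback that authenticate_user() used to perform (`if (!$remote_user) ...`) is removed further down in this file. If both mechanisms are meant to coexist, return early only for a non-empty value: `if (!empty($_SERVER["REMOTE_USER"])) return db_escape_string($_SERVER["REMOTE_USER"]);`. A comment above the function should also state that the result is escaped for SQL only, e.g. `// Returns the externally authenticated login, escaped for SQL use only; HTML-escape before output.` get_remote_fakepass() continues past the end of this hunk.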
                        $pwd_hash2 = encrypt_password($password, $login);
                        $login = db_escape_string($login);
 
-                       $remote_user = get_remote_user();
-
-                       if (!$remote_user)
-                               $remote_user = get_login_by_ssl_certificate($link);
+                       $remote_user = get_remote_user($link);
 
                        if ($remote_user && $login != "admin") {
 
                        }
 
                        if (!$_SESSION["uid"] || !validate_session($link)) {
-                               $cert_login = get_login_by_ssl_certificate($link);
 
-                               if ($cert_login) {
-                                   authenticate_user($link, $cert_login, null);
-                                   $_SESSION["ref_schema_version"] = get_schema_version($link, true);
-                               } else if (get_remote_user() && AUTO_LOGIN) {
-                                   authenticate_user($link, get_remote_user(), null);
+                               if (get_remote_user($link) && AUTO_LOGIN) {
+                                   authenticate_user($link, get_remote_user($link), null);
                                    $_SESSION["ref_schema_version"] = get_schema_version($link, true);
                                } else {
                                    render_login_form($link, $mobile);
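Review bot: `AUTO_LOGIN` is read as a bare constant in the new condition, while ALLOW_REMOTE_USER_AUTH is guarded with `defined()` in get_remote_user(). If a deployed config.php predates the constant, PHP versions before 8 evaluate the undefined name to a non-empty string, so password-less login would be enabled without the administrator opting in. In this code path the change makes AUTO_LOGIN the gate for certificate logins as well, so a fail-closed form is worth having: `if (defined('AUTO_LOGIN') && AUTO_LOGIN && ($remote_login = get_remote_user($link))) {` followed by `authenticate_user($link, $remote_login, null);`. That also resolves the remote user once per request instead of twice. The enclosing function starts and ends outside this hunk.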
index 1dbc00549939e48e1b0c52ad01a6aa945eb3cd95..5810c5cef6a0e318fbd0a451bbd0f94d7ed7e171 100644 (file)
@@ -131,11 +131,11 @@ function validateLoginForm(f) {
                        <tr><td align="right"><?php echo __("Login:") ?></td>
                        <td align="right"><input name="login"
                                onchange="fetchProfiles()" onfocus="fetchProfiles()"
-                               value="<?php echo get_remote_user() ?>"></td></tr>
+                               value="<?php echo get_remote_user($link) ?>"></td></tr>
                        <tr><td align="right"><?php echo __("Password:") ?></td>
                        <td align="right"><input type="password" name="password"
                                onchange="fetchProfiles()" onfocus="fetchProfiles()"
-                               value="<?php echo get_remote_fakepass() ?>"></td></tr>
+                               value="<?php echo get_remote_fakepass($link) ?>"></td></tr>
                        <tr><td align="right"><?php echo __("Language:") ?></td>
                        <td align="right">
                        <?php
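Review bot: The login echoed into the `value="..."` attribute is escaped for SQL by db_escape_string() but not for HTML, and with this change it can come from the certificate lookup as well as from REMOTE_USER. A login containing a double quote or angle bracket would break out of the attribute, so the output should be escaped for its context: `value="<?php echo htmlspecialchars(get_remote_user($link), ENT_QUOTES) ?>"`. Whether such characters can actually occur depends on get_login_by_ssl_certificate() and the web server's authentication module, neither of which is visible here. The form markup continues outside the hunk.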