WordPress.org
Get WordPress

Plugin Directory

Changeset 522706


Ignore:
Timestamp:
03/23/2012 04:03:03 PM (14 years ago)
Author:
dwc
Message:

Add option to support additional $_SERVER variables in authentication (fixes #1477)

Location:
http-authentication/trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • http-authentication/trunk/http-authentication.php

    r522675 r522706  
    1212
    1313class HTTPAuthenticationPlugin {
    14     var $db_version = 1;
     14    var $db_version = 2;
    1515    var $option_name = 'http_authentication_options';
    1616    var $options;
     
    5959            'login_uri' => htmlspecialchars_decode(wp_login_url()),
    6060            'logout_uri' => remove_query_arg('_wpnonce', htmlspecialchars_decode(wp_logout_url())),
     61            'additional_server_keys' => '',
    6162            'auto_create_user' => false,
    6263            'auto_create_email_domain' => '',
     
    7778<style type="text/css">
    7879p#http-authentication-link {
    79     width: 100%;
    80     height: 4em;
    81     text-align: center;
    82     margin-top: 2em;
     80  width: 100%;
     81  height: 4em;
     82  text-align: center;
     83  margin-top: 2em;
    8384}
    8485p#http-authentication-link a {
    85     margin: 0 auto;
    86     float: none;
     86  margin: 0 auto;
     87  float: none;
    8788}
    8889</style>
     
    174175        $username = '';
    175176
    176         foreach (array('REMOTE_USER', 'REDIRECT_REMOTE_USER') as $key) {
    177             if (! empty($_SERVER[$key])) {
    178                 $username = $_SERVER[$key];
     177        $server_keys = $this->_get_server_keys();
     178        foreach ($server_keys as $server_key) {
     179            if (! empty($_SERVER[$server_key])) {
     180                $username = $_SERVER[$server_key];
    179181            }
    180182        }
    181183
    182184        if (! $username) {
    183             return new WP_Error('empty_username', '<strong>ERROR</strong>: No REMOTE_USER or REDIRECT_REMOTE_USER found.');
     185            return new WP_Error('empty_username', '<strong>ERROR</strong>: No user found in server variables.');
    184186        }
    185187
     
    197199
    198200        return $user;
     201    }
     202
     203    /*
     204     * Return the list of $_SERVER keys that we will check for a username. By
     205     * default, these are REMOTE_USER and REDIRECT_REMOTE_USER. Additional keys
     206     * can be configured from the options page.
     207     */
     208    function _get_server_keys() {
     209        $server_keys = array('REMOTE_USER', 'REDIRECT_REMOTE_USER');
     210
     211        $additional_server_keys = $this->options['additional_server_keys'];
     212        if (! empty($additional_server_keys)) {
     213            $keys = preg_split('/,\s*/', $additional_server_keys);
     214            $server_keys = array_merge($server_keys, $keys);
     215        }
     216
     217        return $server_keys;
    199218    }
    200219

  • http-authentication/trunk/options-page.php

    r515095 r522706  
    3030        add_settings_field('http_authentication_login_uri', 'Login URI', array(&$this, '_display_option_login_uri'), $this->page, $section);
    3131        add_settings_field('http_authentication_logout_uri', 'Logout URI', array(&$this, '_display_option_logout_uri'), $this->page, $section);
     32        add_settings_field('http_authentication_additional_server_keys', '$_SERVER variables', array(&$this, '_display_option_additional_server_keys'), $this->page, $section);
    3233        add_settings_field('http_authentication_auto_create_user', 'Automatically create accounts?', array(&$this, '_display_option_auto_create_user'), $this->page, $section);
    3334        add_settings_field('http_authentication_auto_create_email_domain', 'Email address domain', array(&$this, '_display_option_auto_create_email_domain'), $this->page, $section);
     
    140141
    141142    /*
     143     * Display the additional $_SERVER keys field.
     144     */
     145    function _display_option_additional_server_keys() {
     146        $additional_server_keys = $this->options['additional_server_keys'];
     147        $this->_display_input_text_field('additional_server_keys', $additional_server_keys);
     148?>
     149<code>$_SERVER</code> variables in addition to <code>REMOTE_USER</code> and <code>REDIRECT_REMOTE_USER</code> to check for the username value, separated by a comma. Use this to e.g. support personal X.509 certificates for authentication.<br />
     150Example: <code>SSL_CLIENT_S_DN_CN</code>
     151<?php
     152    }
     153
     154    /*
    142155     * Display the automatically create accounts checkbox.
    143156     */

  • http-authentication/trunk/readme.txt

    r522705 r522706  
    140140* Avoid some PHP notices due to saving options (William Schneider)
    141141* Fix for redirect loop on some multisite setups (#1497)
     142* Add option to support additional $_SERVER variables in authentication (#1477)
    142143
    143144= 4.4 =
Note: See TracChangeset for help on using the changeset viewer.