mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Single Sign-On Authentication Mechanism (#7601)

Browse Source 
* Allow the URL a user is sent to after logging out to be customised
This is required for any authentication system that has a magic URL for logging out (e.g. /Shibboleth.sso/Logout).

* Allow auth plugins to return a username

This is a bit cleaner than the current auth flow, which special cases e.g. http authentication

* Add some tests, defaults and documentation

* Add single sign-on authentication mechanism

* Make HTTPAuth use the authExternal/getExternalUsername methods

* Add to acknowledgements

* Add reset method to Auth
This commit is contained in:
Adam Bishop
2017-11-29 02:40:17 +00:00
committed by Tony Murray
parent 3720f0e776
commit 1c6b7a967f
11 changed files with 1094 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
LibreNMS/Authentication/HttpAuthAuthorizer.php
View File

@@ -10,6 +10,7 @@ class HttpAuthAuthorizer extends AuthorizerBase
{
protected static $HAS_AUTH_USERMANAGEMENT = 1;
protected static $CAN_UPDATE_USER = 1;
protected static $AUTH_IS_EXTERNAL = 1;
public function authenticate($username, $password)
{
@@ -103,4 +104,13 @@ class HttpAuthAuthorizer extends AuthorizerBase
{
dbUpdate(array('realname' => $realname, 'level' => $level, 'can_modify_passwd' => $can_modify_passwd, 'email' => $email), 'users', '`user_id` = ?', array($user_id));
}
public function getExternalUsername()
{
if (isset($_SERVER['REMOTE_USER'])) {
return clean($_SERVER['REMOTE_USER']);
} elseif (isset($_SERVER['PHP_AUTH_USER'])) {
return clean($_SERVER['PHP_AUTH_USER']);
}
}
}