Nico B dfc638dd98 [fix] Login: HTTP Auth when internal redirects occur (#1772) ...

When Apache performs an internal redirect, it stores the username in the
REDIRECT_REMOTE_USER variable instead of REMOTE_USER, breaking HTTP
authentication. For more information, see this Stack Overflow
discussion:
<https://stackoverflow.com/questions/3050444/when-setting-environment-variables-in-apache-rewriterule-directives-what-causes>

This commit first tries REMOTE_USER, as before. If it is not set, it checks whether REDIRECT_REMOTE_USER is set.

2018-01-22 15:12:44 +01:00

15 KiB

Raw Blame History

View Raw