06938: Web Server Auth Doesn't work - LimeSurvey bugs and feature requests

This bug affects 1 person(s).

254

ID	Project	Category	View Status	Date Submitted	Last Update

06938	Bug reports	Security	public	2012-11-22 18:51	2012-12-04 13:16

Reporter	pfpDave	Assigned To	c_schmitz
Priority	normal	Severity	minor
Status	closed	Resolution	fixed
Product Version	2.00+
Fixed in Version	2.00+

Summary	06938: Web Server Auth Doesn't work
Description	Web Server Auth doesn't work because some code appears to be missing from application\core\useridentity.php. Additionally, I've added code to make it work with Windows Integrated Authentication (allowing single sign on). Code changes to the above file are: Change line 59 farom: elseif(Yii::app()->getConfig("auth_webserver") === true && isset($_SERVER['PHP_AUTH_USER'])) // normal login through webserver authentication to: elseif(Yii::app()->getConfig("auth_webserver") === true && (isset($_SERVER['PHP_AUTH_USER'])\|\|isset($_SERVER['LOGON_USER']))) // normal login through webserver authentication Change line 61 from: $sUser=$_SERVER['PHP_AUTH_USER']; to: `if (isset($_SERVER['PHP_AUTH_USER'])) { $sUser=$_SERVER['PHP_AUTH_USER']; } else { $sUser = $_SERVER['LOGON_USER']; $sUser = substr($sUser, strrpos($sUser, "\\")+1); }` change (old) line 74 from: `elseif (Yii::app()->getConfig("auth_webserver_autocreate_user")) { $aUserProfile=Yii::app()->getConfig("auth_webserver_autocreate_profile"); } }` to: `elseif (Yii::app()->getConfig("auth_webserver_autocreate_user")) { $aUserProfile=Yii::app()->getConfig("auth_webserver_autocreate_profile"); } } else { $this->id = $oUser->uid; $this->user = $oUser; $this->errorCode = self::ERROR_NONE; }`
Tags	No tags attached.

Bug heat	254
Complete LimeSurvey version number (& build)	121115
I will donate to the project if issue is resolved	No
Browser	IE8
Database type & version	SQL Express 2012
Server OS (if known)	Server 2008
Webserver software & version (if known)	IIS 7
PHP Version	5.4.8

User List	There are no users monitoring this issue.

pfpDave 2012-11-22 19:00 reporter ~22436	I've also made an additional enhancement to my install that will allow me to login with an alternative user ID if I want to (ie to login as admin from a colleagues PC for example). The change I made is: Line 29 from: `if (Yii::app()->getConfig("auth_webserver")==false)` to: `if (Yii::app()->getConfig("auth_webserver")==false \|\| $this->username != "")`

c_schmitz 2012-11-23 19:22 administrator ~22462	Thank you very much!

c_schmitz 2012-11-23 19:22 administrator ~22464	Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=10451

c_schmitz 2012-11-24 00:11 administrator ~22474	Fix committed to 2.1 branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=10465

pfpDave 2012-11-26 10:29 reporter ~22508	There's a slight fault in the implementation you have added, the closing curly brace needs moving from line 98 to line 93 just above the '} else {'

c_schmitz 2012-11-27 06:11 administrator ~22576	New 2.00+ build released.

pfpDave 2012-11-27 16:38 reporter ~22609	The latest release doesn't contain the fix in my last comment and therefore has a bug.

c_schmitz 2012-11-30 15:33 administrator ~22744	Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=10620

c_schmitz 2012-11-30 17:02 administrator ~22756	Fix committed to 2.1 branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=10629

c_schmitz 2012-12-04 13:16 administrator ~22857	LimeSurvey 2.0+ build 121204 released.

LimeSurvey: master b9abfc2d 2012-11-23 18:22:20 c_schmitz Details Diff	Fixed issue 06938: Web server auth doesn't work - patch by pfpDave	Affected Issues 06938
	mod - application/core/UserIdentity.php	Diff File
LimeSurvey: 2.1 fd0f9239 2012-11-23 18:22:20 c_schmitz Details Diff	Fixed issue 06938: Web server auth doesn't work - patch by pfpDave	Affected Issues 06938
	mod - application/core/UserIdentity.php	Diff File
LimeSurvey: master c57d276b 2012-11-30 14:31:38 c_schmitz Details Diff	Fixed issue 06938: Web server auth doesn't work - patch by pfpDave	Affected Issues 06938
	mod - application/core/UserIdentity.php	Diff File
LimeSurvey: 2.1 63e307fe 2012-11-30 14:31:38 c_schmitz Details Diff	Fixed issue 06938: Web server auth doesn't work - patch by pfpDave	Affected Issues 06938
	mod - application/core/UserIdentity.php	Diff File

Date Modified	Username	Field	Change
2012-11-22 18:51	pfpDave	New Issue
2012-11-22 19:00	pfpDave	Note Added: 22436
2012-11-23 19:21	c_schmitz	Assigned To	=> c_schmitz
2012-11-23 19:21	c_schmitz	Status	new => assigned
2012-11-23 19:22	c_schmitz	Note Added: 22462
2012-11-23 19:22	c_schmitz	Status	assigned => resolved
2012-11-23 19:22	c_schmitz	Fixed in Version	=> 2.00+
2012-11-23 19:22	c_schmitz	Resolution	open => fixed
2012-11-23 19:22	c_schmitz	Changeset attached	=> LimeSurvey master b9abfc2d
2012-11-23 19:22	c_schmitz	Note Added: 22464
2012-11-24 00:11	c_schmitz	Changeset attached	=> LimeSurvey 2.1 fd0f9239
2012-11-24 00:11	c_schmitz	Note Added: 22474
2012-11-26 10:29	pfpDave	Note Added: 22508
2012-11-27 06:11	c_schmitz	Note Added: 22576
2012-11-27 06:11	c_schmitz	Status	resolved => closed
2012-11-27 16:38	pfpDave	Note Added: 22609
2012-11-27 16:38	pfpDave	Status	closed => feedback
2012-11-27 16:38	pfpDave	Resolution	fixed => reopened
2012-11-30 15:32	c_schmitz	Status	feedback => resolved
2012-11-30 15:32	c_schmitz	Resolution	reopened => fixed
2012-11-30 15:33	c_schmitz	Changeset attached	=> LimeSurvey master c57d276b
2012-11-30 15:33	c_schmitz	Note Added: 22744
2012-11-30 17:02	c_schmitz	Changeset attached	=> LimeSurvey 2.1 63e307fe
2012-11-30 17:02	c_schmitz	Note Added: 22756
2012-12-04 13:16	c_schmitz	Note Added: 22857
2012-12-04 13:16	c_schmitz	Status	resolved => closed

View Issue Details

Users monitoring this issue

Activities

Related Changesets

Issue History