Check authentication driver for expired authentication. Still doesn't trigger logouts...

diff --git a/framework/Auth/lib/Horde/Auth.php b/framework/Auth/lib/Horde/Auth.php
index de6d921..6d6ef65 100644 (file)
--- a/framework/Auth/lib/Horde/Auth.php
+++ b/framework/Auth/lib/Horde/Auth.php
@@ -444,7 +444,8 @@ class Horde_Auth
             }
         }
 
-        return true;
+        $auth = self::singleton($GLOBALS['conf']['auth']['driver']);
+        return $auth->checkExistingAuth();
     }
 
     /**

diff --git a/framework/Auth/lib/Horde/Auth/Base.php b/framework/Auth/lib/Horde/Auth/Base.php
index 62b8784..38fde74 100644 (file)
--- a/framework/Auth/lib/Horde/Auth/Base.php
+++ b/framework/Auth/lib/Horde/Auth/Base.php
@@ -133,6 +133,16 @@ abstract class Horde_Auth_Base
     abstract protected function _authenticate($userId, $credentials);
 
     /**
+     * Check existing auth for triggers that might invalidate it.
+     *
+     * @return boolean  Is existing auth valid?
+     */
+    public function checkExistingAuth()
+    {
+        return true;
+    }
+
+    /**
      * Adds a set of authentication credentials.
      *
      * @param string $userId      The userId to add.

diff --git a/framework/Auth/lib/Horde/Auth/Shibboleth.php b/framework/Auth/lib/Horde/Auth/Shibboleth.php
index e2cfea2..01311e7 100644 (file)
--- a/framework/Auth/lib/Horde/Auth/Shibboleth.php
+++ b/framework/Auth/lib/Horde/Auth/Shibboleth.php
@@ -76,6 +76,17 @@ class Horde_Auth_Shibboleth extends Horde_Auth_Base
     }
 
     /**
+     * Check existing auth for triggers that might invalidate it.
+     *
+     * @return boolean  Is existing auth valid?
+     */
+    public function checkExistingAuth()
+    {
+        return !empty($_SERVER[$this->_params['username_header']]) &&
+            $_SERVER[$this->_params['username_header']] == Horde_Auth::getAuth();
+    }
+
+    /**
      * Automatic authentication: check if the username is set in the
      * configured header.
      *