From: Jan Schneider <jan@horde.org>
Date: Fri, 14 May 2010 22:03:51 +0000 (+0200)
Subject: Check authentication driver for expired authentication. Still doesn't trigger logouts... 
X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=2b028d28dd808ef287e809804e5da35a87a555c4;p=horde.git

Check authentication driver for expired authentication. Still doesn't trigger logouts though.
---

diff --git a/framework/Auth/lib/Horde/Auth.php b/framework/Auth/lib/Horde/Auth.php
index de6d921c1..6d6ef6504 100644
--- a/framework/Auth/lib/Horde/Auth.php
+++ b/framework/Auth/lib/Horde/Auth.php
@@ -444,7 +444,8 @@ class Horde_Auth
             }
         }
 
-        return true;
+        $auth = self::singleton($GLOBALS['conf']['auth']['driver']);
+        return $auth->checkExistingAuth();
     }
 
     /**
diff --git a/framework/Auth/lib/Horde/Auth/Base.php b/framework/Auth/lib/Horde/Auth/Base.php
index 62b878458..38fde749e 100644
--- a/framework/Auth/lib/Horde/Auth/Base.php
+++ b/framework/Auth/lib/Horde/Auth/Base.php
@@ -133,6 +133,16 @@ abstract class Horde_Auth_Base
     abstract protected function _authenticate($userId, $credentials);
 
     /**
+     * Check existing auth for triggers that might invalidate it.
+     *
+     * @return boolean  Is existing auth valid?
+     */
+    public function checkExistingAuth()
+    {
+        return true;
+    }
+
+    /**
      * Adds a set of authentication credentials.
      *
      * @param string $userId      The userId to add.
diff --git a/framework/Auth/lib/Horde/Auth/Shibboleth.php b/framework/Auth/lib/Horde/Auth/Shibboleth.php
index e2cfea27f..01311e714 100644
--- a/framework/Auth/lib/Horde/Auth/Shibboleth.php
+++ b/framework/Auth/lib/Horde/Auth/Shibboleth.php
@@ -76,6 +76,17 @@ class Horde_Auth_Shibboleth extends Horde_Auth_Base
     }
 
     /**
+     * Check existing auth for triggers that might invalidate it.
+     *
+     * @return boolean  Is existing auth valid?
+     */
+    public function checkExistingAuth()
+    {
+        return !empty($_SERVER[$this->_params['username_header']]) &&
+            $_SERVER[$this->_params['username_header']] == Horde_Auth::getAuth();
+    }
+
+    /**
      * Automatic authentication: check if the username is set in the
      * configured header.
      *