- up to 2009-01-26 rc

[packages/dokuwiki.git] / dokuwiki-http_auth-option.patch

--- dokuwiki-rc2009-01-26/conf/dokuwiki.php~    2009-01-27 12:56:43.000000000 +0200
+++ dokuwiki-rc2009-01-26/conf/dokuwiki.php     2009-01-27 12:57:04.936215007 +0200
@@ -75,6 +75,7 @@
 $conf['disableactions'] = '';            //comma separated list of actions to disable
 $conf['sneaky_index']   = 0;             //check for namespace read permission in index view (0|1) (1 might cause unexpected behavior)
 $conf['auth_security_timeout'] = 900;    //time (seconds) auth data is considered valid, set to 0 to recheck on every page view
+$conf['http_auth'] = 1;                  //allows HTTP authorization (SSO) from PHP_AUTH_USER/PHP_AUTH_PW variables
 $conf['securecookie'] = 1;               //never send HTTPS cookies via HTTP
 
 /* Advanced Options */
--- dokuwiki-2007-06-26b/inc/auth.php~  2007-06-26 21:27:15.000000000 +0300
+++ dokuwiki-2007-06-26b/inc/auth.php   2007-12-19 00:40:14.598022033 +0200
@@ -60,7 +60,7 @@
       if (!isset($_REQUEST['r'])) $_REQUEST['r'] = '';
 
       // if no credentials were given try to use HTTP auth (for SSO)
-      if(empty($_REQUEST['u']) && empty($_COOKIE[DOKU_COOKIE]) && !empty($_SERVER['PHP_AUTH_USER'])){
+      if($conf['http_auth'] && empty($_REQUEST['u']) && empty($_COOKIE[DOKU_COOKIE]) && !empty($_SERVER['PHP_AUTH_USER'])){
         $_REQUEST['u'] = $_SERVER['PHP_AUTH_USER'];
         $_REQUEST['p'] = $_SERVER['PHP_AUTH_PW'];
       }