1 --- dokuwiki-2018-04-22c.org/conf/dokuwiki.php 2020-05-01 12:38:20.000000000 +0200
2 +++ dokuwiki-2018-04-22c/conf/dokuwiki.php 2022-09-27 22:46:31.557879706 +0200
3 @@ -63,6 +63,7 @@ $conf['profileconfirm'] = 1;
4 $conf['rememberme'] = 1; //Enable/disable remember me on login
5 $conf['disableactions'] = ''; //comma separated list of actions to disable
6 $conf['auth_security_timeout'] = 900; //time (seconds) auth data is considered valid, set to 0 to recheck on every page view
7 +$conf['http_auth'] = 1; //allows HTTP authorization (SSO) from PHP_AUTH_USER/PHP_AUTH_PW variables
8 $conf['securecookie'] = 1; //never send HTTPS cookies via HTTP
9 $conf['remote'] = 0; //Enable/disable remote interfaces
10 $conf['remoteuser'] = '!!not set!!'; //user/groups that have access to remote interface (comma separated)
11 --- dokuwiki-2018-04-22c.org/inc/auth.php 2020-05-01 12:38:20.000000000 +0200
12 +++ dokuwiki-2018-04-22c/inc/auth.php 2022-09-27 22:46:31.557879706 +0200
13 @@ -84,7 +84,7 @@ function auth_setup() {
16 // if no credentials were given try to use HTTP auth (for SSO)
17 - if(!$INPUT->str('u') && empty($_COOKIE[DOKU_COOKIE]) && !empty($_SERVER['PHP_AUTH_USER'])) {
18 + if($conf['http_auth'] && !$INPUT->str('u') && empty($_COOKIE[DOKU_COOKIE]) && !empty($_SERVER['PHP_AUTH_USER'])) {
19 $INPUT->set('u', $_SERVER['PHP_AUTH_USER']);
20 $INPUT->set('p', $_SERVER['PHP_AUTH_PW']);
21 $INPUT->set('http_credentials', true);