[Tickets #507] NEW: [PATCH] Configurable domain stripping

bugs at bugs.horde.org bugs at bugs.horde.org
Tue Aug 24 20:44:09 PDT 2004


DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/?id=507
-----------------------------------------------------------------------
 Ticket     | 507
 Created By | ben at alkaloid.net
 Summary    | [PATCH] Configurable domain stripping
 Queue      | Passwd
 Version    | 2.2.1
 State      | New
 Priority   | 2. Medium
 Type       | Enhancement
 Owners     | 
-----------------------------------------------------------------------


ben at alkaloid.net (2004-08-24 20:44) wrote:

In my environment the entire username + domain is required to manipulate
authentication tokens.  Therefore, I have added a conf.php option to passwd
to allow the administrator to choose whether or not to strip the domain from
the username.  The default is to replicate the functionality before the
patch.  Trivial diff included.
---------- snip patch below -------------
diff -urN passwd-2.2.1/main.php passwd/main.php
--- passwd-2.2.1/main.php       2004-03-26 17:43:28.000000000 -0500
+++ passwd/main.php     2004-08-24 23:05:19.000000000 -0400
@@ -224,8 +224,12 @@
                                      Auth::getAuth());
         }
     } else {
-        $splitted  = split("@", Auth::getAuth());
-        $userid = @$splitted[0];
+        if($conf['prefs']['strip_domain']) {
+               $splitted  = split("@", Auth::getAuth());
+               $userid = @$splitted[0];
+       } else {
+               $userid = Auth::getAuth();
+       }
     }
 }

diff -urN passwd-2.2.1/config/conf.php.dist passwd/config/conf.php.dist
--- passwd-2.2.1/config/conf.php.dist   2003-01-20 20:28:29.000000000 -0500
+++ passwd/config/conf.php.dist 2004-08-24 23:06:42.000000000 -0400
@@ -25,6 +25,10 @@

 $conf['backend']['backend_list'] = 'hidden';

+// Determine whether or not to strip of the domain portion of the user's
+// authentication token.  By default we do.
+$conf['prefs']['strip_domain'] = 1;
+
 // Define usernames for which we will refuse to change passwords.
 // This may or may not work with realms or virtual hosting, depending on
setup






More information about the bugs mailing list