Merge branch '2.4'

* 2.4:
  fix docblock
  Fixed incompatibility of x509 auth with nginx
  [Process] Setting STDIN while running should not be possible
  [Validator] slovenian translation updated
  [FrameworkBundle] improve English in RouterMatchCommand
  [Validator] Updated Hungarian translations
  [Doctrine Bridge] simplify session handler by using main connection
  [Validator] Fixed typos in German translation
  [Validator] Completed French translations
  [Validator] Completed German translations
  [Validator] Completed Luxembourgish translations

1 files changed, 10 insertions, 3 deletions

diff --git a/Http/Firewall/X509AuthenticationListener.php b/Http/Firewall/X509AuthenticationListener.php
index 5aabf75..9c07be1 100644
--- a/Http/Firewall/X509AuthenticationListener.php
+++ b/Http/Firewall/X509AuthenticationListener.php
@@ -41,10 +41,17 @@ class X509AuthenticationListener extends AbstractPreAuthenticatedListener
      */
     protected function getPreAuthenticatedData(Request $request)
     {
-        if (!$request->server->has($this->userKey)) {
-            throw new BadCredentialsException(sprintf('SSL key was not found: %s', $this->userKey));
+        $user = null;
+        if ($request->server->has($this->userKey)) {
+            $user = $request->server->get($this->userKey);
+        } elseif ($request->server->has($this->credentialKey) && preg_match('#/emailAddress=(.+\@.+\..+)(/|$)#', $request->server->get($this->credentialKey), $matches)) {
+            $user = $matches[1];
         }
 
-        return array($request->server->get($this->userKey), $request->server->get($this->credentialKey, ''));
+        if (null === $user) {
+            throw new BadCredentialsException(sprintf('SSL credentials not found: %s, %s', $this->userKey, $this->credentialKey));
+        }
+
+        return array($user, $request->server->get($this->credentialKey, ''));
     }
 }