diff options
| author | alcaeus <git@alcaeus.org> | 2014-04-20 13:12:50 +0200 |
|---|---|---|
| committer | Fabien Potencier <fabien.potencier@gmail.com> | 2014-04-22 09:12:31 +0200 |
| commit | 8fe3c7d8710f0eab18a505122a8839a8bce9815c (patch) | |
| tree | 151346eababea113f11125e84790be39a51ad56f /Http | |
| parent | 28fd9e9e753e8ad7384e0ba7baf0a82ff9c57e42 (diff) | |
| download | symfony-security-8fe3c7d8710f0eab18a505122a8839a8bce9815c.zip symfony-security-8fe3c7d8710f0eab18a505122a8839a8bce9815c.tar.gz symfony-security-8fe3c7d8710f0eab18a505122a8839a8bce9815c.tar.bz2 | |
Fixed incompatibility of x509 auth with nginx
Diffstat (limited to 'Http')
| -rw-r--r-- | Http/Firewall/X509AuthenticationListener.php | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/Http/Firewall/X509AuthenticationListener.php b/Http/Firewall/X509AuthenticationListener.php index 5aabf75..9c07be1 100644 --- a/Http/Firewall/X509AuthenticationListener.php +++ b/Http/Firewall/X509AuthenticationListener.php @@ -41,10 +41,17 @@ class X509AuthenticationListener extends AbstractPreAuthenticatedListener */ protected function getPreAuthenticatedData(Request $request) { - if (!$request->server->has($this->userKey)) { - throw new BadCredentialsException(sprintf('SSL key was not found: %s', $this->userKey)); + $user = null; + if ($request->server->has($this->userKey)) { + $user = $request->server->get($this->userKey); + } elseif ($request->server->has($this->credentialKey) && preg_match('#/emailAddress=(.+\@.+\..+)(/|$)#', $request->server->get($this->credentialKey), $matches)) { + $user = $matches[1]; } - return array($request->server->get($this->userKey), $request->server->get($this->credentialKey, '')); + if (null === $user) { + throw new BadCredentialsException(sprintf('SSL credentials not found: %s, %s', $this->userKey, $this->credentialKey)); + } + + return array($user, $request->server->get($this->credentialKey, '')); } } |