-
Incident report
-
Resolution: Duplicate
-
Minor
-
None
-
None
-
None
When enabling HTTP Authentication on Zabbix Frontend, I noticed that the index.php will look for the $_SERVER['PHP_AUTH_USER'] in order to know if the user is logged in and which authorizations it should have.
However, the PHP_AUTH_USER variable will not be availabled if:
- PHP SafeMode is on
- HTTP Digest Authentication
I'm not a web developer and I don't know what are the implications, but using the $_SERVER['REMOTE_USER'] instead of $_SERVER['PHP_AUTH_USER'] will solve both the issues and probably some other.
There are similar bug requests like: ZBX-3779, ZBX-6260, ZBX-5513
Attached a simple tested patch
- duplicates
-
ZBXNEXT-3118 Allow to use complex "login" formats (SSO cases)
- Open