Documentation

Apache
in package
implements BackendInterface

Apache (or NGINX) authenticator.

This authentication backend assumes that authentication has been configured in apache (or NGINX), rather than within SabreDAV.

Make sure apache (or NGINX) is properly configured for this to work.

Tags
copyright

Copyright (C) fruux GmbH (https://fruux.com/)

author

Evert Pot (http://evertpot.com/)

license

http://sabre.io/license/ Modified BSD License

Interfaces, Classes and Traits

BackendInterface
This is the base class for any authentication object.

Table of Contents

$principalPrefix  : string
This is the prefix that will be used to generate principal urls.
challenge()  : mixed
This method is called when a user could not be authenticated, and authentication was required for the current request.
check()  : array<string|int, mixed>
When this method is called, the backend must check if authentication was successful.

Properties

$principalPrefix

This is the prefix that will be used to generate principal urls.

protected string $principalPrefix = 'principals/'

Methods

challenge()

This method is called when a user could not be authenticated, and authentication was required for the current request.

public challenge(RequestInterface $request, ResponseInterface $response) : mixed

This gives you the opportunity to set authentication headers. The 401 status code will already be set.

In this case of Basic Auth, this would for example mean that the following header needs to be set:

$response->addHeader('WWW-Authenticate', 'Basic realm=SabreDAV');

Keep in mind that in the case of multiple authentication backends, other WWW-Authenticate headers may already have been set, and you'll want to append your own WWW-Authenticate header instead of overwriting the existing one.

Parameters
$request : RequestInterface
$response : ResponseInterface
Return values
mixed

check()

When this method is called, the backend must check if authentication was successful.

public check(RequestInterface $request, ResponseInterface $response) : array<string|int, mixed>

The returned value must be one of the following

[true, "principals/username"] [false, "reason for failure"]

If authentication was successful, it's expected that the authentication backend returns a so-called principal url.

Examples of a principal url:

principals/admin principals/user1 principals/users/joe principals/uid/123457

If you don't use WebDAV ACL (RFC3744) we recommend that you simply return a string such as:

principals/users/[username]

Parameters
$request : RequestInterface
$response : ResponseInterface
Return values
array<string|int, mixed>

Search results