From 929f45deea0fc56a5dfdb43d1e0c0a44a030aa1c Mon Sep 17 00:00:00 2001
From: Markus Frosch <lazyfrosch@icinga.org>
Date: Wed, 2 Mar 2016 17:39:05 +0100
Subject: [PATCH] Fix session resume for external auths

When REMOTE_USER is not available from _SERVER (PHP internal webserver)

fixes #11277
---
 library/Icinga/Authentication/Auth.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/library/Icinga/Authentication/Auth.php b/library/Icinga/Authentication/Auth.php
index 6a8e32a62..9fb43922c 100644
--- a/library/Icinga/Authentication/Auth.php
+++ b/library/Icinga/Authentication/Auth.php
@@ -244,7 +244,8 @@ class Auth
         $this->user = Session::getSession()->get('user');
         if ($this->user !== null && $this->user->isExternalUser() === true) {
             list($originUsername, $field) = $this->user->getExternalUserInformation();
-            if (! array_key_exists($field, $_SERVER) || $_SERVER[$field] !== $originUsername) {
+            $username = getenv($field); // usually REMOTE_USER here
+            if ( !$username || $username !== $originUsername) {
                 $this->removeAuthorization();
             }
         }