From 3fe837dad7d887f52096ba1adb26102f3a16754c Mon Sep 17 00:00:00 2001 From: Simon Erkelens Date: Sat, 10 Jun 2017 14:46:01 +1200 Subject: [PATCH] Fix for CMS Authenticator. Should only apply to CMSSecurity --- _config/security.yml | 3 +++ src/Security/CMSSecurity.php | 4 ++-- src/Security/Security.php | 2 +- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/_config/security.yml b/_config/security.yml index ef8c59fc1..8930f15bb 100644 --- a/_config/security.yml +++ b/_config/security.yml @@ -31,5 +31,8 @@ SilverStripe\Core\Injector\Injector: properties: Authenticators: default: %$SilverStripe\Security\MemberAuthenticator\MemberAuthenticator + SilverStripe\Security\CMSSecurity: + properties: + Authenticators: cms: %$SilverStripe\Security\MemberAuthenticator\CMSMemberAuthenticator SilverStripe\Security\IdentityStore: %$SilverStripe\Security\AuthenticationHandler diff --git a/src/Security/CMSSecurity.php b/src/Security/CMSSecurity.php index 540417a45..826da9a89 100644 --- a/src/Security/CMSSecurity.php +++ b/src/Security/CMSSecurity.php @@ -165,14 +165,14 @@ PHP * * @return bool */ - public static function enabled() + public function enabled() { // Disable shortcut if (!static::config()->get('reauth_enabled')) { return false; } - return count(Security::singleton()->getApplicableAuthenticators(Authenticator::CMS_LOGIN)) > 0; + return count($this->getApplicableAuthenticators(Authenticator::CMS_LOGIN)) > 0; } /** diff --git a/src/Security/Security.php b/src/Security/Security.php index 16ae137e8..2fc3b1312 100644 --- a/src/Security/Security.php +++ b/src/Security/Security.php @@ -356,7 +356,7 @@ class Security extends Controller implements TemplateGlobalProvider _t('SilverStripe\\CMS\\Controllers\\ContentController.NOTLOGGEDIN', 'Not logged in') ); // Tell the CMS to allow re-authentication - if (CMSSecurity::enabled()) { + if (CMSSecurity::singleton()->enabled()) { $response->addHeader('X-Reauthenticate', '1'); } }