When using Web Basic Authentication, users may be seen as guests

[TheWitness]

Describe the bug

When using basic authentication, when using certain modules include mod_auth_melon, the SAML redirection can cause the authenticated user to become a guest account instead of the intended template and or login account.

Expected behavior

Less cacti bugs.

[netniV]

was this resolved?

[TheWitness]

Yea, this was resolved. We are still tracking a redirect loop though. Basically the way that the mod_auth_melon works with redirection is, the the user hit's cacti, the user is redirected to the Azure web page where they enter their corporate credentials, and then the client is redirected back to index.php, however, when Azure does that, the HTTP_REFERER has been lost and points back to Azure instead. So, when Cacti picks up what it though was the location in Cacti to redirect to, it actually redirected back to Azure which sees that the user has valid creds, and redirects back to index.php. Until it hit's the threshold.

It would be nice if mod_auth_melon could pass the page that the user wanted to goto to the Azure service, and simply redirect back to that page. Otherwise Cacti's setting "goto where the user pointed their browser to after login" will never work.

This issue was related, but I reproduced and fixed it.