Commit 99ee8d1a authored by sympa-authors's avatar sympa-authors
Browse files

Fix: now report CAS authentication failures

Also fixed a bug related to recent auth_services changes


git-svn-id: https://subversion.renater.fr/sympa/trunk@3477 05aa8bb8-cd2b-0410-b1d7-8918dfa770ce
parent 6636f069
......@@ -224,7 +224,7 @@ sub casLogin {
}
## Now fetch email attribute from LDAP
unless ($email = &Auth::get_email_by_net_id($cas_id, {'uid' => $user})) {
unless ($email = &Auth::get_email_by_net_id($robot, $cas_id, {'uid' => $user})) {
&do_log('err','Could not get email address from LDAP for user %s', $user);
die SOAP::Fault->faultcode('Server')
->faultstring('Authentification failed')
......
......@@ -333,6 +333,7 @@ sub ldap_authentication {
# fetch user email using his cas net_id and the paragrapah number in auth.conf
sub get_email_by_net_id {
my $robot = shift;
my $auth_id = shift;
my $attributes = shift;
......@@ -356,7 +357,7 @@ sub get_email_by_net_id {
}
require Net::LDAP::Message;
my $ldap = @{$Conf{'auth_services'}}[$auth_id];
my $ldap = @{$Conf{'auth_services'}{$robot}}[$auth_id];
my $filter = $ldap->{'ldap_get_email_by_uid_filter'} ;
$filter =~ s/\[([\w-]+)\]/$attributes->{$1}/ig;
......
......@@ -739,7 +739,7 @@ if ($wwsconf->{'use_fast_cgi'}) {
if(defined $net_id) { # the ticket is valid net-id
do_log('notice',"login CAS OK server netid=$net_id" );
$param->{'user'}{'email'} = lc(&Auth::get_email_by_net_id($cas_id, {'uid' => $net_id}));
$param->{'user'}{'email'} = lc(&Auth::get_email_by_net_id($robot, $cas_id, {'uid' => $net_id}));
$param->{'auth'} = 'cas';
&cookielib::set_cas_server($wwsconf->{'cookie_domain'},$cas_id);
......@@ -1976,7 +1976,7 @@ sub do_sso_login {
return 'home';
}
$email = &Auth::get_email_by_net_id($sso_id, \%ENV);
$email = &Auth::get_email_by_net_id($robot, $sso_id, \%ENV);
}
unless ($email) {
......@@ -2029,9 +2029,14 @@ sub do_sso_login {
}
sub do_sso_login_succeeded {
&wwslog('info', 'do_sso_login(%s)', $in{'auth_service_name'});
&report::notice_report_web('you_have_been_authenticated',{},$param->{'action'});
&wwslog('info', 'do_sso_login_succeeded(%s)', $in{'auth_service_name'});
if (defined $param->{'user'} && $param->{'user'}{'email'}) {
&report::notice_report_web('you_have_been_authenticated',{},$param->{'action'});
}else {
&report::reject_report_web('user','auth_failed',{},$param->{'action'});
}
## We should refresh the main window
if ($param->{'nomenu'}) {
$param->{'back_to_mom'} = 1;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment