Commit ef5f8522 authored by Christophe Maudoux's avatar Christophe Maudoux 🐛

Improve debug log & typo

parent 3c2ecfd0
Pipeline #6790 passed with stage
in 13 minutes and 46 seconds
......@@ -11,7 +11,7 @@ use Lemonldap::NG::Common::UserAgent;
use Lemonldap::NG::Common::FormEncode;
use Lemonldap::NG::Common::Session;
our $VERSION = '2.0.6';
our $VERSION = '2.0.7';
our @ISA = ('Exporter');
our @EXPORT = qw(fetchId retrieveSession createSession hideCookie goToPortal);
our @EXPORT_OK = @EXPORT;
......@@ -62,12 +62,12 @@ sub retrieveSession {
}
## @rmethod protected boolean createSession(id)
# Ask portal to create it through a SOAP request
# Send a create session request to the Portal
# @return true if the session is created, else false
sub createSession {
my ( $class, $req, $id ) = @_;
# Add client IP as X-Forwarded-For IP in SOAP request
# Add client IP as X-Forwarded-For IP in request
my $xheader = $req->env->{'HTTP_X_FORWARDED_FOR'};
$xheader .= ", " if ($xheader);
$xheader .= $req->{env}->{REMOTE_ADDR};
......@@ -149,7 +149,7 @@ sub hideCookie {
# else redirect him to the portal to display some message defined by $arg
# @param $url Url requested
# @param $arg optionnal GET parameters
# @return Apache2::Const::REDIRECT or Apache2::Const::AUTH_REQUIRED
# @return AUTH_REDIRECT or AUTH_REQUIRED constant
sub goToPortal {
my ( $class, $req, $url, $arg ) = @_;
if ($arg) {
......@@ -171,7 +171,6 @@ sub ua {
lwpSslOpts => $class->tsv->{lwpSslOpts}
}
);
return $_ua;
}
......
# Main running methods file
package Lemonldap::NG::Handler::Main::Run;
our $VERSION = '2.0.6';
our $VERSION = '2.0.7';
package Lemonldap::NG::Handler::Main;
......@@ -97,10 +97,10 @@ sub checkType {
## @rmethod int run
# Check configuration and launch Lemonldap::NG::Handler::Main::run().
# Each $checkTime, the Apache child verify if its configuration is the same
# Each $checkTime, server child verifies if its configuration is the same
# as the configuration stored in the local storage.
# @param $rule optional Perl expression to grant access
# @return Apache constant
# @return constant
sub run {
my ( $class, $req, $rule, $protection ) = @_;
......@@ -121,11 +121,10 @@ sub run {
}
}
# Cross domain authentication
# Authentication process
my $uri = $req->{env}->{REQUEST_URI};
$uri = $req->{env}->{REQUEST_URI};
my ($cond);
( $cond, $protection ) = $class->conditionSub($rule) if ($rule);
$protection = $class->isUnprotected( $req, $uri ) || 0
unless ( defined $protection );
......@@ -273,6 +272,12 @@ sub grant {
$vhost ||= $class->resolveAlias($req);
if ( my $level = $class->tsv->{authnLevel}->{$vhost} ) {
if ( $session->{authenticationLevel} < $level ) {
$class->logger->debug(
"User authentication level = $session->{authenticationLevel}");
$class->logger->debug("Required authentication level = $level");
$class->logger->warn(
"User rejected due to insufficient authentication level -> Session upgrade enabled"
);
$session->{_upgrade} = 1;
return 0;
}
......@@ -414,7 +419,7 @@ sub fetchId {
my $value =
$lookForHttpCookie
? ( $t =~ /${cn}http=([^,; ]+)/o ? $1 : 0 )
: ( $t =~ /$cn=([^,; ]+)/o ? $1 : 0 );
: ( $t =~ /$cn=([^,; ]+)/o ? $1 : 0 );
if ( $value && $lookForHttpCookie && $class->tsv->{securedCookie} == 3 ) {
$value = $class->tsv->{cipher}->decryptHex( $value, "http" );
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment