Commit b70d8ea6 authored by Christophe Maudoux's avatar Christophe Maudoux

Revert "Catch error msg if Id doesn t exist (#1628)"

This reverts commit 8b9c47d6
parent 8b9c47d6
...@@ -108,7 +108,8 @@ sub controlUrl { ...@@ -108,7 +108,8 @@ sub controlUrl {
); );
# XSS attack # XSS attack
if ($self->checkXSSAttack( if (
$self->checkXSSAttack(
$req->param('logout') ? 'HTTP Referer' : 'urldc', $req->param('logout') ? 'HTTP Referer' : 'urldc',
$req->{urldc} $req->{urldc}
) )
...@@ -177,8 +178,7 @@ sub deleteSession { ...@@ -177,8 +178,7 @@ sub deleteSession {
# TODO # TODO
# Collect logout services and build hidden iFrames # Collect logout services and build hidden iFrames
if ( $req->data->{logoutServices} and %{ $req->data->{logoutServices} } ) if ( $req->data->{logoutServices} and %{ $req->data->{logoutServices} } ) {
{
$self->logger->debug("Create iFrames to forward logout to services"); $self->logger->debug("Create iFrames to forward logout to services");
...@@ -190,14 +190,14 @@ sub deleteSession { ...@@ -190,14 +190,14 @@ sub deleteSession {
foreach ( keys %{ $req->data->{logoutServices} } ) { foreach ( keys %{ $req->data->{logoutServices} } ) {
my $logoutServiceName = $_; my $logoutServiceName = $_;
my $logoutServiceUrl my $logoutServiceUrl =
= $req->data->{logoutServices}->{$logoutServiceName}; $req->data->{logoutServices}->{$logoutServiceName};
$self->logger->debug( $self->logger->debug(
"Find logout service $logoutServiceName ($logoutServiceUrl)"); "Find logout service $logoutServiceName ($logoutServiceUrl)");
my $iframe my $iframe =
= qq'<iframe src="$logoutServiceUrl" alt="$logoutServiceName"' qq'<iframe src="$logoutServiceUrl" alt="$logoutServiceName"'
. ' marginwidth="0" marginheight="0" scrolling="no"' . ' marginwidth="0" marginheight="0" scrolling="no"'
. ' class="hiddenFrame" width="0" height="0"' . ' class="hiddenFrame" width="0" height="0"'
. ' frameborder="0"></iframe>'; . ' frameborder="0"></iframe>';
...@@ -207,8 +207,7 @@ sub deleteSession { ...@@ -207,8 +207,7 @@ sub deleteSession {
# Redirect on logout page if no other target defined # Redirect on logout page if no other target defined
if ( !$req->urldc and !$req->postUrl ) { if ( !$req->urldc and !$req->postUrl ) {
$self->logger->debug( $self->logger->debug('No other target defined, redirect on logout');
'No other target defined, redirect on logout');
$req->urldc( $req->script_name . "?logout=1" ); $req->urldc( $req->script_name . "?logout=1" );
} }
} }
...@@ -290,9 +289,7 @@ sub extractFormInfo { ...@@ -290,9 +289,7 @@ sub extractFormInfo {
sub getUser { sub getUser {
my ( $self, $req, %args ) = @_; my ( $self, $req, %args ) = @_;
return PE_ERROR unless ( $self->_userDB ); return PE_ERROR unless ( $self->_userDB );
return ( $self->_userDB->getUser( $req, %args ) == PE_USERNOTFOUND return $self->_userDB->getUser( $req, %args );
? PE_BADCREDENTIALS
: $self->_userDB->getUser( $req, %args ) );
} }
sub authenticate { sub authenticate {
...@@ -306,9 +303,10 @@ sub authenticate { ...@@ -306,9 +303,10 @@ sub authenticate {
# Store failed login into history # Store failed login into history
$req->steps( $req->steps(
[ 'setSessionInfo', 'setMacros', [
'setSessionInfo', 'setMacros',
'setPersistentSessionInfo', 'storeHistory', 'setPersistentSessionInfo', 'storeHistory',
@{ $self->afterData }, sub {PE_BADCREDENTIALS} @{ $self->afterData }, sub { PE_BADCREDENTIALS }
] ]
); );
...@@ -324,8 +322,7 @@ sub setAuthSessionInfo { ...@@ -324,8 +322,7 @@ sub setAuthSessionInfo {
if ( $ret == PE_OK if ( $ret == PE_OK
and not( defined $req->sessionInfo->{authenticationLevel} ) ) and not( defined $req->sessionInfo->{authenticationLevel} ) )
{ {
$self->logger->error( $self->logger->error('Authentication level is not set by auth module');
'Authentication level is not set by auth module');
} }
return $ret; return $ret;
} }
...@@ -345,13 +342,13 @@ sub setSessionInfo { ...@@ -345,13 +342,13 @@ sub setSessionInfo {
# Date and time # Date and time
if ( $self->conf->{updateSession} ) { if ( $self->conf->{updateSession} ) {
$req->{sessionInfo}->{_updateTime} $req->{sessionInfo}->{_updateTime} =
= strftime( "%Y%m%d%H%M%S", localtime() ); strftime( "%Y%m%d%H%M%S", localtime() );
} }
else { else {
$req->{sessionInfo}->{_utime} ||= time(); $req->{sessionInfo}->{_utime} ||= time();
$req->{sessionInfo}->{_startTime} $req->{sessionInfo}->{_startTime} =
= strftime( "%Y%m%d%H%M%S", localtime() ); strftime( "%Y%m%d%H%M%S", localtime() );
$req->{sessionInfo}->{_lastSeen} = time() $req->{sessionInfo}->{_lastSeen} = time()
if $self->conf->{timeoutActivity}; if $self->conf->{timeoutActivity};
} }
...@@ -371,8 +368,8 @@ sub setSessionInfo { ...@@ -371,8 +368,8 @@ sub setSessionInfo {
sub setMacros { sub setMacros {
my ( $self, $req ) = @_; my ( $self, $req ) = @_;
foreach ( sort keys %{ $self->_macros } ) { foreach ( sort keys %{ $self->_macros } ) {
$req->{sessionInfo}->{$_} $req->{sessionInfo}->{$_} =
= $self->_macros->{$_}->( $req, $req->sessionInfo ); $self->_macros->{$_}->( $req, $req->sessionInfo );
} }
PE_OK; PE_OK;
} }
...@@ -412,16 +409,16 @@ sub setLocalGroups { ...@@ -412,16 +409,16 @@ sub setLocalGroups {
my ( $self, $req ) = @_; my ( $self, $req ) = @_;
foreach ( sort keys %{ $self->_groups } ) { foreach ( sort keys %{ $self->_groups } ) {
if ( $self->_groups->{$_}->( $req, $req->sessionInfo ) ) { if ( $self->_groups->{$_}->( $req, $req->sessionInfo ) ) {
$req->{sessionInfo}->{groups} $req->{sessionInfo}->{groups} .=
.= $self->conf->{multiValuesSeparator} . $_; $self->conf->{multiValuesSeparator} . $_;
$req->{sessionInfo}->{hGroups}->{$_}->{name} = $_; $req->{sessionInfo}->{hGroups}->{$_}->{name} = $_;
} }
} }
# Clear values separator at the beginning # Clear values separator at the beginning
if ( $req->{sessionInfo}->{groups} ) { if ( $req->{sessionInfo}->{groups} ) {
$req->{sessionInfo}->{groups} $req->{sessionInfo}->{groups} =~
=~ s/^$self->{conf}->{multiValuesSeparator}//o; s/^$self->{conf}->{multiValuesSeparator}//o;
} }
PE_OK; PE_OK;
} }
...@@ -445,8 +442,8 @@ sub store { ...@@ -445,8 +442,8 @@ sub store {
# Compute unsecure cookie value if needed # Compute unsecure cookie value if needed
if ( $self->conf->{securedCookie} == 3 ) { if ( $self->conf->{securedCookie} == 3 ) {
$req->{sessionInfo}->{_httpSession} $req->{sessionInfo}->{_httpSession} =
= $self->conf->{cipher}->encryptHex( $req->{id}, "http" ); $self->conf->{cipher}->encryptHex( $req->{id}, "http" );
} }
# Fill session # Fill session
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment