Logging/error message if shibboleth auth fails validation
authorMichael M Slusarz <slusarz@curecanti.org>
Tue, 25 Jan 2011 08:32:27 +0000 (01:32 -0700)
committerMichael M Slusarz <slusarz@curecanti.org>
Tue, 25 Jan 2011 10:08:09 +0000 (03:08 -0700)
framework/Core/lib/Horde/Core/Auth/Shibboleth.php

index 4bfec06..5beedd6 100644 (file)
@@ -23,8 +23,17 @@ class Horde_Core_Auth_Shibboleth extends Horde_Auth_Shibboleth
      */
     public function validateAuth()
     {
-        return !empty($_SERVER[$this->getParam('username_header')]) &&
-               ($this->_removeScope($_SERVER[$this->getParam('username_header')]) == $GLOBALS['registry']->getAuth('original'));
+        if (!empty($_SERVER[$this->getParam('username_header')]) &&
+            ($this->_removeScope($_SERVER[$this->getParam('username_header')]) == $GLOBALS['registry']->getAuth('original'))) {
+            return true;
+        }
+
+        // Consider this a session expiration.
+        $this->setError(Horde_Auth::REASON_SESSION);
+
+        Horde::logMessage('Shibboleth authentication expired for user ' . $GLOBALS['registry']->getAuth(), 'INFO');
+
+        return false;
     }
 
 }
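Review bot: The added failure path records every rejection as a session expiry, but the condition above it also fails when the username header is present and names a different user than the session, and that case is logged at INFO with the same "expired" text. A mismatch between the identity asserted by Shibboleth and the session user is worth its own message at a higher level, so it can be told apart from routine timeouts when reviewing logs; the fence below splits the two cases and leaves the error reason as it is. Separately, the comparison uses `==`, so numeric-looking usernames such as `0123` and `123` would compare equal. Using `===` would avoid that, assuming `_removeScope()` and `getAuth('original')` both return strings, which is not visible in this hunk.

```php
// … unchanged: header/session comparison returning true …

$this->setError(Horde_Auth::REASON_SESSION);

if (empty($_SERVER[$this->getParam('username_header')])) {
    // No identity asserted any more: treat as an expired session.
    Horde::logMessage('Shibboleth authentication expired for user ' . $GLOBALS['registry']->getAuth(), 'INFO');
} else {
    // Header is present but does not match the session user.
    Horde::logMessage('Shibboleth username header does not match session user ' . $GLOBALS['registry']->getAuth(), 'WARN');
}

return false;
```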