Log a message when authentication is successful but doesn't

match the NameID required by the SAML request. https://fedorahosted.org/ipsilon/ticket/157 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com> Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
author: Rob Crittenden <rcritten@redhat.com> 2015-08-24 17:42:19 +0000
committer: Patrick Uiterwijk <puiterwijk@redhat.com> 2015-08-25 14:55:28 +0200
commit: ea3a3c63719961c66b7b45cd7cfee51cf4bd5f6d (patch)
tree: 0ae8cf2a03f426dce384932400ce195ae0c441fb
parent: 715fa96eb2f97451749d3e66b801bdefe861b16e (diff)
download: ipsilon-ea3a3c63719961c66b7b45cd7cfee51cf4bd5f6d.tar.gz
ipsilon-ea3a3c63719961c66b7b45cd7cfee51cf4bd5f6d.tar.xz
ipsilon-ea3a3c63719961c66b7b45cd7cfee51cf4bd5f6d.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/ipsilon/providers/saml2/auth.py b/ipsilon/providers/saml2/auth.py
index d856220..5412240 100644
--- a/ipsilon/providers/saml2/auth.py
+++ b/ipsilon/providers/saml2/auth.py
@@ -211,6 +211,8 @@ class AuthenticateRequest(ProviderPageBase):
             login.assertion.subject.nameId.content = nameid
         else:
             self.trans.wipe()
+            self.error('Authentication succeeded but it was not ' +
+                       'provided by NameID %s' % nameidfmt)
             raise AuthenticationError("Unavailable Name ID type",
                                       lasso.SAML2_STATUS_CODE_AUTHN_FAILED)
author	Rob Crittenden <rcritten@redhat.com>	2015-08-24 17:42:19 +0000
committer	Patrick Uiterwijk <puiterwijk@redhat.com>	2015-08-25 14:55:28 +0200
commit	ea3a3c63719961c66b7b45cd7cfee51cf4bd5f6d (patch)
tree	0ae8cf2a03f426dce384932400ce195ae0c441fb
parent	715fa96eb2f97451749d3e66b801bdefe861b16e (diff)
download	ipsilon-ea3a3c63719961c66b7b45cd7cfee51cf4bd5f6d.tar.gz ipsilon-ea3a3c63719961c66b7b45cd7cfee51cf4bd5f6d.tar.xz ipsilon-ea3a3c63719961c66b7b45cd7cfee51cf4bd5f6d.zip