Pull the GSSAPI principal out of the userattrsgssapi_test

This was originally getting the principal from the user object itself which meant it was looking for it in the database. Look in the attributes instead which are stored in the user session. Signed-off-by: Rob Crittenden <rcritten@redhat.com>
author: Rob Crittenden <rcritten@redhat.com> 2015-05-05 12:37:31 -0400
committer: Rob Crittenden <rcritten@redhat.com> 2015-05-06 16:00:24 -0400
commit: dd6432197b3da4be32dd00c84bfe413ac04a802d (patch)
tree: a0998209d3f66dbc0a74f8189e020c8ab10f8a02 /ipsilon
parent: b8ba1b440e0ddee478ed14480e608a2cfde10c7a (diff)
download: ipsilon.git-gssapi_test.tar.gz
ipsilon.git-gssapi_test.tar.xz
ipsilon.git-gssapi_test.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/ipsilon/providers/saml2/auth.py b/ipsilon/providers/saml2/auth.py
index b2c9549..8b84bc2 100644
--- a/ipsilon/providers/saml2/auth.py
+++ b/ipsilon/providers/saml2/auth.py
@@ -197,7 +197,8 @@ class AuthenticateRequest(ProviderPageBase):
         elif nameidfmt == lasso.SAML2_NAME_IDENTIFIER_FORMAT_TRANSIENT:
             nameid = '_' + uuid.uuid4().hex
         elif nameidfmt == lasso.SAML2_NAME_IDENTIFIER_FORMAT_KERBEROS:
-            nameid = us.get_data('user', 'gssapi_principal_name')
+            userattrs = us.get_user_attrs()
+            nameid = userattrs.get('gssapi_principal_name')
         elif nameidfmt == lasso.SAML2_NAME_IDENTIFIER_FORMAT_EMAIL:
             nameid = us.get_user().email
             if not nameid:
author	Rob Crittenden <rcritten@redhat.com>	2015-05-05 12:37:31 -0400
committer	Rob Crittenden <rcritten@redhat.com>	2015-05-06 16:00:24 -0400
commit	dd6432197b3da4be32dd00c84bfe413ac04a802d (patch)
tree	a0998209d3f66dbc0a74f8189e020c8ab10f8a02 /ipsilon
parent	b8ba1b440e0ddee478ed14480e608a2cfde10c7a (diff)
download	ipsilon.git-gssapi_test.tar.gz ipsilon.git-gssapi_test.tar.xz ipsilon.git-gssapi_test.zip