author | olavmrk <olavmrk@a716ebb1-153a-0410-b759-cfb97c6a1b53> | 2013-03-06 12:54:06 +0000 |
---|---|---|
committer | olavmrk <olavmrk@a716ebb1-153a-0410-b759-cfb97c6a1b53> | 2013-03-06 12:54:06 +0000 |
commit | e87049bac944f4909502a4db359ce90f50e91784 (patch) | |
tree | a153ac8562954dd247e33394a55e7905ce898a3a | |
parent | 2b12f238fa67acd4d31a9ad399c414ff498c4072 (diff) | |
Do not mark a session as logged in before all processing is completed.
If we mark the session as logged in before all processing is completed,
a failure during login processing (e.g. too big attribute values) can
cause a user to receive a "half-authenticated" session.
This patch changes the code so that the last task before releasing the
session is to mark it as logged in.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@184 a716ebb1-153a-0410-b759-cfb97c6a1b53
-rw-r--r-- | auth_mellon_handler.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/auth_mellon_handler.c b/auth_mellon_handler.c
index 5b3417a..3007a01 100644
--- a/auth_mellon_handler.c
+++ b/auth_mellon_handler.c
@@ -1591,9 +1591,6 @@ static int add_attributes(am_cache_entry_t *session, request_rec *r,
 + apr_time_make(dir_cfg->session_length, 0));
 }
 
- /* Mark user as logged in. */
- session->logged_in = 1;
-
 /* Save session information. */
 ret = am_cache_env_append(session, "NAME_ID", name_id);
 if(ret != OK) {
@@ -1911,6 +1908,9 @@ static int am_handle_reply_common(request_rec *r, LassoLogin *login,
 return rc;
 }
 
+ /* Mark user as logged in. */
+ session->logged_in = 1;
+
 am_release_request_session(r, session);
 lasso_login_destroy(login);
 
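Review bot: The ordering this fix relies on is not recorded at the new assignment in am_handle_reply_common, so a later edit that puts a fallible step between `session->logged_in = 1;` and `am_release_request_session(r, session);` would bring the half-authenticated session back. I would widen the comment to something like `/* Mark user as logged in. Must remain the last step before release: any failure above has to leave logged_in unset. */`. The failure branch ending in `return rc;` just above is only partly visible here; it presumably leaves a cache entry holding partial attributes with logged_in still 0, so it is worth confirming that every reader of the session checks logged_in before trusting its attributes, or that the branch discards the entry. The function body starts and ends outside the hunk.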