diff options
| author | olavmrk <olavmrk@a716ebb1-153a-0410-b759-cfb97c6a1b53> | 2014-04-25 09:11:40 +0000 |
|---|---|---|
| committer | olavmrk <olavmrk@a716ebb1-153a-0410-b759-cfb97c6a1b53> | 2014-04-25 09:11:40 +0000 |
| commit | d1a2b63b74d87c6b16b955f5799ded6fe2b73877 (patch) | |
| tree | 45988e38ff5afaa8c61cdeb1334a3af0d34aeb1a /auth_mellon.h | |
| parent | b5ea9e240ef4851eb73c86926bbc9b31fc789e3d (diff) | |
| download | mod_auth_mellon-d1a2b63b74d87c6b16b955f5799ded6fe2b73877.tar.gz mod_auth_mellon-d1a2b63b74d87c6b16b955f5799ded6fe2b73877.tar.xz mod_auth_mellon-d1a2b63b74d87c6b16b955f5799ded6fe2b73877.zip | |
Handle non successful status posted by the Idp
Idps may decide to deny authentication for a variety of reasons.
In such a case they will post to the application with an unsuccessful
status error code.
Handle the case by returning a more appropriate 401 Unauthorized
HTTP error code.
iDo this using an extensible mechanism to map arbitrary lasso errors
to HTTP errors.
Signed-off-by: Simo Sorce <simo@redhat.com>
git-svn-id: https://modmellon.googlecode.com/svn/trunk@226 a716ebb1-153a-0410-b759-cfb97c6a1b53
Diffstat (limited to 'auth_mellon.h')
| -rw-r--r-- | auth_mellon.h | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/auth_mellon.h b/auth_mellon.h index f99cf6f..192cff0 100644 --- a/auth_mellon.h +++ b/auth_mellon.h @@ -276,6 +276,13 @@ typedef struct am_envattr_conf_t { extern const command_rec auth_mellon_commands[]; +typedef struct am_error_map_t { + int lasso_error; + int http_error; +} am_error_map_t; + +extern const am_error_map_t auth_mellon_errormap[]; + /* When using a value from a directory configuration structure, a special value is used * to state "inherit" from parent, when reading a value and the value is still inherit from, it * means that no value has ever been set for this directive, in this case, we use the default |