Erase sessionInfo if spoofed identity is not allowed (#1664)
This commit is contained in:
parent
dfd286c9fa
commit
049df70e53
|
@ -156,7 +156,7 @@ sub _userDatas {
|
|||
'Impersonation requested for an unvalid user ('
|
||||
. $req->{user}
|
||||
. ")" );
|
||||
|
||||
$req->sessionInfo = {};
|
||||
$self->logger->debug('Identity not authorized');
|
||||
return $req->error(PE_BADCREDENTIALS);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user