Erase sessionInfo if spoofed identity is not allowed (#1664)

2019-03-09 13:18:39 +01:00 · 2019-03-09 13:18:39 +01:00 · 049df70e53
commit 049df70e53
parent dfd286c9fa
1 changed files with 1 additions and 1 deletions
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Impersonation.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Impersonation.pm
@ -156,7 +156,7 @@ sub _userDatas {
                'Impersonation requested for an unvalid user ('
              . $req->{user}
              . ")" );
-
+        $req->sessionInfo = {};
        $self->logger->debug('Identity not authorized');
        return $req->error(PE_BADCREDENTIALS);
    }