Erase sessionInfo if spoofed identity is not allowed (#1664)
This commit is contained in:
parent
dfd286c9fa
commit
049df70e53
|
@ -156,7 +156,7 @@ sub _userDatas {
|
||||||
'Impersonation requested for an unvalid user ('
|
'Impersonation requested for an unvalid user ('
|
||||||
. $req->{user}
|
. $req->{user}
|
||||||
. ")" );
|
. ")" );
|
||||||
|
$req->sessionInfo = {};
|
||||||
$self->logger->debug('Identity not authorized');
|
$self->logger->debug('Identity not authorized');
|
||||||
return $req->error(PE_BADCREDENTIALS);
|
return $req->error(PE_BADCREDENTIALS);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user