SAML: keep NameID in a SAML session to answer later attribute queries (#2)
This commit is contained in:
parent
00a952a372
commit
8c14ba24bf
@ -864,6 +864,30 @@ sub issuerForAuthUser {
|
||||
$session_id );
|
||||
}
|
||||
|
||||
# Keep SAML elements for later queries
|
||||
my %h;
|
||||
eval {
|
||||
tie %h, $self->{samlStorage}, undef,
|
||||
$self->{samlStorageOptions};
|
||||
};
|
||||
if ($@) {
|
||||
$self->lmLog( "Unable to create SAML session: $@", 'error' );
|
||||
return PE_ERROR;
|
||||
}
|
||||
|
||||
$h{type} = 'saml'; # Session type
|
||||
$h{_utime} = $time; # Creation time
|
||||
$h{_id} = $session_id; # SSO session id
|
||||
$h{_nameID} = $login->nameIdentifier; # SAML NameID
|
||||
|
||||
my $saml_session_id = $h{_session_id};
|
||||
|
||||
untie %h;
|
||||
|
||||
$self->lmLog(
|
||||
"Link session $session_id to SAML session $saml_session_id",
|
||||
'debug' );
|
||||
|
||||
# Send SSO Response
|
||||
|
||||
# HTTP-REDIRECT
|
||||
|
Loading…
Reference in New Issue
Block a user