Use PE_BADCREDENTIALS instead of 403 (#707)

Xavier Guimard 2017-04-05 12:02:02 +00:00
parent 6943c49c05
commit c4b27b9c24


@ -5,6 +5,7 @@ use Mouse;
use GSSAPI; use GSSAPI;
use MIME::Base64; use MIME::Base64;
use Lemonldap::NG::Portal::Main::Constants qw( use Lemonldap::NG::Portal::Main::Constants qw(
PE_BADCREDENTIALS
PE_ERROR PE_ERROR
PE_OK PE_OK
PE_SENDRESPONSE PE_SENDRESPONSE
@ -26,7 +27,7 @@ sub extractFormInfo {
unless ($auth) { unless ($auth) {
$req->response( $req->response(
[ [
410, 401,
[ 'WWW-Authenticate' => 'Negotiate' ], [ 'WWW-Authenticate' => 'Negotiate' ],
['Authentication required'] ['Authentication required']
] ]
@ -35,14 +36,13 @@ sub extractFormInfo {
} }
if ( $auth !~ /^Negotiate (.*)$/ ) { if ( $auth !~ /^Negotiate (.*)$/ ) {
$self->userLogger->error('Bad authorization header'); $self->userLogger->error('Bad authorization header');
$req->response( [ 403, [], ['Forbidden'] ] ); return PE_BADCREDENTIALS;
return PE_SENDRESPONSE;
} }
my $data; my $data;
eval { $data = MIME::Base64::decode($1) }; eval { $data = MIME::Base64::decode($1) };
if ($@) { if ($@) {
$self->userLogger->error( 'Bad authorization header: ' . $@ ); $self->userLogger->error( 'Bad authorization header: ' . $@ );
return PE_ERROR; return PE_BADCREDENTIALS;
} }
my $server_context; my $server_context;
my $status = GSSAPI::Context::accept( my $status = GSSAPI::Context::accept(
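Review bot: The `if ($@)` branch that now returns PE_BADCREDENTIALS in the last hunk is unlikely ever to run, because MIME::Base64's decoder skips characters outside the base64 alphabet instead of dying, so a malformed or empty token after `Negotiate ` is still handed to GSSAPI::Context::accept. Rejecting such input at the header check would let the new return code cover that case: `if ( $auth !~ m{\ANegotiate ([A-Za-z0-9+/]+={0,2})\z} ) {`. A short comment above that check, such as `# Reject anything that is not a single non-empty base64 token before it reaches GSSAPI`, would record the intent. extractFormInfo starts and ends outside the visible hunks, so how the accept status is handled afterwards cannot be checked from here.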