From eb9175d681fbc1356e8fd9744a75fa95f0ae3a94 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cl=C3=A9ment=20Oudot?= <clement@oodo.net>
Date: Sat, 16 Jun 2012 20:52:56 +0000
Subject: [PATCH] Fix CAS 1.0 validate method (#478)

---
 lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBCAS.pm | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBCAS.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBCAS.pm
index e8e741566..3cdc9c018 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBCAS.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBCAS.pm
@@ -121,6 +121,12 @@ sub issuerForUnAuthUser {
             "Get validate request with ticket $ticket for service $service",
             'debug' );
 
+        unless ( $ticket =~ s/^ST-// ) {
+            $self->lmLog( "Provided ticket is not a service ticket (ST)",
+                'error' );
+            $self->returnCasValidateError();
+        }
+
         my $casServiceSession = $self->getCasSession($ticket);
 
         unless ($casServiceSession) {