summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJérôme Schneider <jschneider@entrouvert.com>2015-04-03 15:05:58 (GMT)
committerJérôme Schneider <jschneider@entrouvert.com>2015-04-03 15:05:58 (GMT)
commita162b120ae55adc756e68a1f6ca469c8eade924d (patch)
tree3b793f4a57f059f50caf5f55f5921b2e64db8bcd
parent87890ad29707f994ac6e785030b48216e0010ede (diff)
downloadspip-saml-a162b120ae55adc756e68a1f6ca469c8eade924d.zip
spip-saml-a162b120ae55adc756e68a1f6ca469c8eade924d.tar.gz
spip-saml-a162b120ae55adc756e68a1f6ca469c8eade924d.tar.bz2
login_saml: test if we have a nameid in saml attributes
-rw-r--r--balise/login_saml.php7
1 files changed, 6 insertions, 1 deletions
diff --git a/balise/login_saml.php b/balise/login_saml.php
index 5a2c6db..db14b52 100644
--- a/balise/login_saml.php
+++ b/balise/login_saml.php
@@ -72,10 +72,15 @@ function login_saml_successfull()
$nameid = $attributes['NameID'][0];
$display_name = $first_name . ' ' . $last_name;
+ if (!$nameid) {
+ spip_log("[auth_saml] no NameID found in SAML attributes, cancel login", _LOG_ERREUR);
+ redirige_par_entete('/');
+ }
+
spip_log("[auth_saml] authentification reussi pour l'utilisateur =".$email);
// Si l'utilisateur figure deja dans la base, y recuperer les infos
- $result = spip_query("SELECT * FROM spip_auteurs WHERE nameid=". _q($nameid) ." AND statut<>'6form'" );
+ $result = spip_query("SELECT * FROM spip_auteurs WHERE nameid=". _q($nameid) ." AND statut<>'6form'");
$row_auteur = spip_fetch_array($result);
if (!$row_auteur) {