Improve error handling for logout errors
This commit is contained in:
parent
9b10315fa3
commit
5ea608e335
|
@ -22,6 +22,7 @@
|
|||
|
||||
#include "auth_mellon.h"
|
||||
|
||||
#include <lasso/xml/saml-2.0/samlp2_logout_response.h>
|
||||
|
||||
#ifdef HAVE_lasso_server_new_from_buffers
|
||||
# define SERVER_NEW lasso_server_new_from_buffers
|
||||
|
@ -669,7 +670,27 @@ static int am_handle_logout_response(request_rec *r, LassoLogout *logout)
|
|||
char *return_to;
|
||||
|
||||
res = lasso_logout_process_response_msg(logout, r->args);
|
||||
if(res != 0) {
|
||||
if (res == LASSO_LOGOUT_ERROR_REQUEST_DENIED) {
|
||||
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, "Logout request "
|
||||
"was denied, maybe session was desynchronized.");
|
||||
} else if (res == LASSO_PROFILE_ERROR_STATUS_NOT_SUCCESS) {
|
||||
LassoSamlp2LogoutResponse *response= LASSO_SAMLP2_LOGOUT_RESPONSE(logout->parent.response);
|
||||
char *first_level_status_code_value = NULL;
|
||||
char *second_level_status_code_value = NULL;
|
||||
|
||||
if (response->parent.Status && response->parent.Status->StatusCode) {
|
||||
LassoSamlp2StatusCode *first_level_status_code =
|
||||
response->parent.Status->StatusCode;
|
||||
first_level_status_code_value = first_level_status_code->Value;
|
||||
if (first_level_status_code->StatusCode) {
|
||||
second_level_status_code_value =
|
||||
first_level_status_code->StatusCode->Value;
|
||||
}
|
||||
}
|
||||
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
|
||||
"Logout response status is not success: %s;%s",
|
||||
first_level_status_code_value, second_level_status_code_value);
|
||||
} else if (res != 0) {
|
||||
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
|
||||
"Unable to process logout response."
|
||||
" Lasso error: [%i] %s", res, lasso_strerror(res));
|
||||
|
|
Loading…
Reference in New Issue