[Koha-patches] [PATCH] [SIGNED-OFF] Bug 6694: Problem with casAuthentication syspref
alex.arnaud at biblibre.com
alex.arnaud at biblibre.com
Fri Dec 9 14:03:40 CET 2011
From: Julian Maurice <julian.maurice at biblibre.com>
A missing test in checkauth caused anonymous session to be destroyed and
re-created at every call when this syspref was set.
Almost the same issue is also fixed in check_api_auth, which caused
C4::Service->init to fail.
Signed-off-by: Alex Arnaud <alex.arnaud at biblibre.com>
---
C4/Auth.pm | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/C4/Auth.pm b/C4/Auth.pm
index e360e10..17b8469 100755
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -688,7 +688,8 @@ sub checkauth {
$userid = $session->param('id');
$sessiontype = $session->param('sessiontype');
}
- if ( ($query->param('koha_login_context')) && ($query->param('userid') ne $session->param('id')) ) {
+ if ( ( ($query->param('koha_login_context')) && ($query->param('userid') ne $session->param('id')) )
+ || ( $cas && $query->param('ticket') ) ) {
#if a user enters an id ne to the id in the current session, we need to log them in...
#first we need to clear the anonymous session...
$debug and warn "query id = " . $query->param('userid') . " but session id = " . $session->param('id');
@@ -751,7 +752,7 @@ sub checkauth {
C4::Context->_new_userenv($sessionID);
$cookie = $query->cookie(CGISESSID => $sessionID);
$userid = $query->param('userid');
- if ($cas || $userid) {
+ if (($cas && $query->param('ticket')) || $userid) {
my $password = $query->param('password');
my ($return, $cardnumber);
if ($cas && $query->param('ticket')) {
@@ -1117,7 +1118,7 @@ sub check_api_auth {
unless ($query->param('userid')) {
$sessionID = $query->cookie("CGISESSID");
}
- if ($sessionID && not $cas) {
+ if ($sessionID && not ($cas && $query->param('PT')) ) {
my $session = get_session($sessionID);
C4::Context->_new_userenv($sessionID);
if ($session) {
--
1.7.0.4
More information about the Koha-patches
mailing list