From: Jeff Davis Date: Fri, 8 Feb 2019 19:03:29 +0000 (-0800) Subject: LP#1815229: add auth_proxy bail_on_fail option X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=refs%2Fheads%2Fuser%2Fjeffdavis%2Flp1815229_auth_proxy_bail_on_fail;p=working%2FEvergreen.git LP#1815229: add auth_proxy bail_on_fail option If bail_on_fail is enabled in authenticator config, auth_proxy will bail out if auth fails for that authenticator, instead of falling through to the next one. Signed-off-by: Jeff Davis --- diff --git a/Open-ILS/examples/opensrf.xml.example b/Open-ILS/examples/opensrf.xml.example index 156562b82b..5f0f95f8ca 100644 --- a/Open-ILS/examples/opensrf.xml.example +++ b/Open-ILS/examples/opensrf.xml.example @@ -554,6 +554,7 @@ vim:et:ts=4:sw=4: 103 104 + false --> diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application/AuthProxy.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application/AuthProxy.pm index 1f7832c653..fe6560ed94 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/Application/AuthProxy.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/Application/AuthProxy.pm @@ -221,6 +221,9 @@ sub login { next unless grep(/^(all|$args->{'org'})$/, @{$authenticator->{'org_units'}}); } + # Do we keep trying other authenticators if this one fails? + my $bail_on_fail = $authenticator->{bail_on_fail}; + my $event; # treat native specially if ($authenticator->name eq 'native') { @@ -231,6 +234,7 @@ sub login { my $code = $U->event_code($event); if ($code) { push @error_events, $event; + last if ($bail_on_fail and $bail_on_fail =~ /^t/i); } elsif (defined $code) { # code is '0', i.e. SUCCESS if (exists $event->{'payload'}) { # we have a complete native login return $event;