From be36c3c96f7b79b9c7109de0e9a6b04c18faf559 Mon Sep 17 00:00:00 2001 From: Dan Wells Date: Wed, 10 Oct 2012 09:22:33 -0400 Subject: [PATCH] Capture and log AuthProxy logins with no account The current AuthProxy.pm code assumes that if the external auth passes, the Evergreen account will be there. This protects against cases where a user is in the external auth system but has no matching account in Evergreen. Signed-off-by: Dan Wells Signed-off-by: Bill Erickson --- Open-ILS/src/perlmods/lib/OpenILS/Application/AuthProxy.pm | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application/AuthProxy.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application/AuthProxy.pm index be1d05b7f4..a555be7797 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/Application/AuthProxy.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/Application/AuthProxy.pm @@ -257,6 +257,10 @@ sub _do_login { "open-ils.cstore.direct.actor.user.search.atomic", { usrname => $args->{'username'} } ); + if (!$user->[0]) { + $logger->debug("Authenticated username '" . $args->{'username'} . "' has no Evergreen account, aborting"); + return OpenILS::Event->new( 'LOGIN_FAILED' ); + } $args->{'password'} = md5_hex( $seed . $user->[0]->passwd ); } else { $args->{'password'} = md5_hex( $seed . md5_hex($real_password) ); -- 2.11.0