From 4005f2b5fe916b0c3664bcee54ccfa203ee10392 Mon Sep 17 00:00:00 2001
From: Tanner Prestegard <tanner.prestegard@ligo.org>
Date: Mon, 10 Dec 2018 17:41:41 -0600
Subject: [PATCH] Handle malformed REMOTE_USER in headers for post-login

---
 gracedb/ligoauth/middleware.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/gracedb/ligoauth/middleware.py b/gracedb/ligoauth/middleware.py
index b5819044a..b7156d614 100644
--- a/gracedb/ligoauth/middleware.py
+++ b/gracedb/ligoauth/middleware.py
@@ -47,8 +47,11 @@ class ShibbolethWebAuthMiddleware(PersistentRemoteUserMiddleware):
         # Get username from request headers
         username = request.META.get(self.user_header, None)
 
-        # If the header is blank or doesn't exist, return
-        if username is None:
+        # If the header is blank or doesn't exist, return. We also catch
+        # case where the username is '(null)', meaning the corresponding
+        # Apache environment variable was empty but it still put the value
+        # in the header (for some reason)
+        if (username is None or username == '(null)'):
             return
 
         # If shib headers are available and the user is already authenticated,
-- 
GitLab