Skip to content
Snippets Groups Projects
Commit 4005f2b5 authored by Tanner Prestegard's avatar Tanner Prestegard Committed by GraceDB
Browse files

Handle malformed REMOTE_USER in headers for post-login

parent ee6a21b0
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
gracedb/ligoauth/middleware.py
+ 5
2
View file @ 4005f2b5
...@@ -47,8 +47,11 @@ class ShibbolethWebAuthMiddleware(PersistentRemoteUserMiddleware): ...@@ -47,8 +47,11 @@ class ShibbolethWebAuthMiddleware(PersistentRemoteUserMiddleware):
# Get username from request headers # Get username from request headers
username = request.META.get(self.user_header, None) username = request.META.get(self.user_header, None)
# If the header is blank or doesn't exist, return # If the header is blank or doesn't exist, return. We also catch
if username is None: # case where the username is '(null)', meaning the corresponding
# Apache environment variable was empty but it still put the value
# in the header (for some reason)
if (username is None or username == '(null)'):
return return
# If shib headers are available and the user is already authenticated, # If shib headers are available and the user is already authenticated,
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment