Changeset 1190


Ignore:
Timestamp:
15/06/06 11:28:33 (15 years ago)
Author:
pjkersha
Message:

NDG/SecurityCGI.py: processCredsRequest only picks up an existing cookie if no cookie was input, AND if an
existing cookie is picked up and is not an NDG security one, then it's silently ignored.

Location:
TI12-security/trunk/python
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • TI12-security/trunk/python/NDG/SecurityCGI.py

    r1129 r1190  
    277277                                                          
    278278        # Check for cookie in environment 
    279         if 'HTTP_COOKIE' in os.environ: 
     279        if sessCookie is None and 'HTTP_COOKIE' in os.environ: 
    280280     
    281281            # Get session ID from existing cookie 
    282282            sessCookie = SimpleCookie(os.environ['HTTP_COOKIE']) 
    283283 
    284         if sessCookie: 
    285             # Cookie is set - check for NDG cookie 
    286             try: 
    287                 UserSession.isValidSecurityCookie(sessCookie, raiseExcep=True) 
     284        # Check for NDG cookie 
     285        if sessCookie and UserSession.isValidSecurityCookie(sessCookie): 
    288286                 
    289             except UserSessionError, e: 
    290                 raise SecurityCGIError, \ 
    291                                     'Checking existing session cookie: %s' % e 
    292  
    293287            # Return cookie to requestor 
    294288            self.returnCreds(sessCookie, returnURI, **returnCredsKwArgs) 
Note: See TracChangeset for help on using the changeset viewer.