@@ -490,7 +490,7 @@ def identify(self, environ):
490490 if ("CONTENT_LENGTH" not in environ or not environ ["CONTENT_LENGTH" ]) and \
491491 "SAMLResponse" not in query and "SAMLRequest" not in query :
492492 logger .debug ('[identify] get or empty post' )
493- return {}
493+ return None
494494
495495 # if logger:
496496 # logger.info("ENVIRON: %s" % environ)
@@ -597,7 +597,11 @@ def add_metadata(self, environ, identity):
597597 """ Add information to the knowledge I have about the user """
598598 name_id = identity ['repoze.who.userid' ]
599599 if isinstance (name_id , basestring ):
600- name_id = decode (name_id )
600+ try :
601+ # Make sure that userids authenticated by another plugin don't cause problems here.
602+ name_id = decode (name_id )
603+ except :
604+ pass
601605
602606 _cli = self .saml_client
603607 logger .debug ("[add_metadata] for %s" % name_id )
@@ -648,10 +652,12 @@ def _service_url(environ, qstr=None):
648652 #noinspection PyUnusedLocal
649653 def authenticate (self , environ , identity = None ):
650654 if identity :
655+ if identity .get ('user' ) and environ .get ('s2repoze.sessioninfo' ) and identity .get ('user' ) == environ .get ('s2repoze.sessioninfo' ).get ('ava' ):
656+ return identity .get ('login' )
651657 tktuser = identity .get ('repoze.who.plugins.auth_tkt.userid' , None )
652658 if tktuser and self .saml_client .is_logged_in (decode (tktuser )):
653659 return tktuser
654- return identity . get ( 'login' , None )
660+ return None
655661 else :
656662 return None
657663
0 commit comments