Ignore:
Timestamp:
27/11/07 13:32:35 (12 years ago)
Author:
pjkersha
Message:

ows_server/ows_server/controllers/login.py: delete security details from session if session not found on Session Manager

File:
1 edited

Legend:

Unmodified
Added
Removed
  • TI05-delivery/ows_framework/trunk/ows_server/ows_server/controllers/login.py

    r3056 r3061  
    44 
    55from ows_server.lib.base import * 
    6 from ows_server.lib.security_util import setSecuritySession, LoginServiceQuery 
     6from ows_server.lib.security_util import setSecuritySession, SecuritySession,\ 
     7                                         LoginServiceQuery 
    78from ows_common.exception_report import OwsError 
    89from paste.request import parse_querystring 
     
    6566                                 
    6667        except Exception, e: 
    67             c.xml='Error establishing security context [%s]'%cgi.escape(str(e)) 
     68            c.xml='Error establishing security context.  Please report ' + \ 
     69                  'the error to your site administrator' 
     70            log.error("Initialising SessionMgrClient for " + \ 
     71                      "getSessionStatus call: %s" % e) 
     72            SecuritySession.delete() 
    6873            return Response(render('content'), code=400) 
    6974         
     
    7782            c.xml = "Error checking your session details.  Please re-login" 
    7883            log.error("Session Manager getSessionStatus returned: %s" % e) 
    79         return Response(render('login'), code=401) 
     84            SecuritySession.delete() 
     85            return Response(render('login'), code=401) 
    8086    
    8187        if bSessOK: 
    82             log.debug(\ 
    83         "Session found - redirect back to site requesting credentials ...") 
     88            log.debug("Session found - redirect back to site requesting " + \ 
     89                      "credentials ...") 
    8490            # ... Return across http GET passing security parameters... 
    8591            return self.__doRedirect() 
    8692        else: 
    87             log.debug("Session wasn't found - re-displaying login...") 
     93            log.debug("Session wasn't found - removing security details " + \ 
     94                      "from cookie and re-displaying login...") 
     95            SecuritySession.delete() 
    8896            render_response('login') 
    8997 
     
    108116                                 
    109117        except Exception, e: 
    110             c.xml='Error establishing security context [%s]'%cgi.escape(str(e)) 
     118            c.xml='Error establishing security context.  Please report ' + \ 
     119                  'the error to your site administrator' 
     120            log.error("Login: initialising SessionMgrClient: %s" % e) 
    111121            return Response(render('content'), code=400) 
    112122         
     
    117127            sessID = smClnt.connect(username, passphrase=passphrase)[-1] 
    118128        except Exception, e: 
    119             c.xml = \ 
    120     "Error logging in.  Please check your username/pass-phrase and try again." 
     129            c.xml = "Error logging in.  Please check your username/" + \ 
     130                    "pass-phrase and try again." 
    121131            log.error("Session Manager connect returned: %s" % e) 
    122132            return Response(render('login'), code=401) 
Note: See TracChangeset for help on using the changeset viewer.