this file now does the authentication and doesnt use Shibboleth lazy …

…sessions anymore for various reasons, including security
wakamori · Feb 16, 2006 · a70d959 · a70d959
1 parent b0e1220
commit a70d959
Showing 1 changed file with 15 additions and 11 deletions.
diff --git a/auth/shibboleth/index.php b/auth/shibboleth/index.php
@@ -5,9 +5,18 @@
     require('lib.php');
 
     if (isloggedin() && $USER->username != 'guest') {      // Nothing to do
-        redirect($CFG->wwwroot.'/index.php');
-    }
+        if (isset($SESSION->wantsurl) and (strpos($SESSION->wantsurl, $CFG->wwwroot) === 0)){
+            $urltogo = $SESSION->wantsurl;    /// Because it's an address in this site
+            unset($SESSION->wantsurl);
 
+        } else {
+            $urltogo = $CFG->wwwroot.'/';      /// Go to the standard home page
+            unset($SESSION->wantsurl);         /// Just in case
+        }
+
+        redirect($urltogo);
+    }
+
     $pluginconfig   = get_config('auth/shibboleth');
 
     // Check whether Shibboleth is configured properly
@@ -50,19 +59,14 @@
 
             redirect($urltogo);
         }
-    } 
+    }
 
     // If we can find any (user independent) Shibboleth attributes but no user 
     // attributes we probably didn't receive any user attributes
-    if ( !empty($_SERVER['HTTP_SHIB_APPLICATION_ID'])
-    	 && empty($_SERVER[$pluginconfig->shib_user_attribute]))
-    {
+    elseif (!empty($_SERVER['HTTP_SHIB_APPLICATION_ID'])){
         error(get_string( 'shib_no_attributes_error', 'auth' , '\''.$pluginconfig->shib_user_attribute.'\', \''.$pluginconfig->field_map_firstname.'\', \''.$pluginconfig->field_map_lastname.'\' and \''.$pluginconfig->field_map_email.'\''));
+    } else {
+         error(get_string( 'shib_not_set_up_error', 'auth'));
     }
-
-
-    $SESSION->shibboleth_checked = true;   // This will stop us bouncing back here
-
-    redirect($CFG->wwwroot.'/login/index.php');
 
 ?>