Redirect to login page after SSO fail
This is a proposal for a change so that after a failed SSO login, the default login page will show up.
In controller/login/sso.php change
#die("permission denied");
to
else {
header("Location: " . SITE_URL . "login.php");
exit;
}
So the complete block would look like this:
if($this->model_user_auth->check_ntlm_auth() == 1) {
header("Location: " . SITE_URL . "search.php");
exit;
} else {
header("Location: " . SITE_URL . "login.php");
exit;
}
Comments (4)
-
repo owner -
Users might have been using sso and then it's disabled, but they are still using the sso address ? (Maybe it was bookmarked or added to frequently visited pages
Good idea for the redirect
-
SSO only works if NTLM is enabled in the browser. Users might use different browsers where NTLM is not enabled, or may use a mobile device for example. If SSO is enabled by the config ("ENABLE_SSO_LOGIN") users are always redirected to the sso.php page and cannot sign in unless they know the exact login URL.
P.S. it was my suggestion, sorry for submitting the proposal anonymously.
-
repo owner - changed status to resolved
OK, I've just committed the fix. Thank you.
- Log in to comment
Thanks for the fix, however I don't see, why anyone would go to /sso.php unless he's configured for sso, and thus it should succeed.