Commit fde4be48 authored by Nigel McNie's avatar Nigel McNie
Browse files

Error reporting and multiuser handling improvements.

When someone lands, log them if they're logged in, before making a new login attempt. Also, clear their session messages. This stops messages and potentially data for one user carrying over to another user when two people SSO from the same computer.

Removed a catch (Exception) block, as now the code called in the throw block should always be throwing the correct exceptions. This will improve error reporting for SSO related errors quite significantly.

Also throw some better exceptions if land.php fails to authenticate anyone.
parent 226460ec
......@@ -80,6 +80,14 @@ if (empty($instances)) {
throw new ParameterException(get_string('errnoauthinstances','auth'). htmlentities($remotewwwroot, ENT_QUOTES, 'UTF-8'));
}
// If the user is already logged in as someone, log them out. That way, if
// XMLRPC authentication fails, the system isn't left looking stupid as it
// reports that the user couldn't log in while they actually are.
if ($USER->is_logged_in()) {
$USER->logout();
}
$SESSION->set('messages', array());
$rpcconfigured = false;
$res = false;
......@@ -93,10 +101,6 @@ foreach($instances as $instance) {
continue;
// we don't care - a future plugin might accept the user
}
catch (Exception $e) {
log_info($e);
continue;
}
if ($res == true) {
break;
}
......@@ -112,8 +116,8 @@ if ($res == true) {
}
if ($rpcconfigured === false) {
throw new UserNotFoundException(get_string('errnoxmlrcpinstances','auth').htmlentities($remotewwwroot, ENT_QUOTES, 'UTF-8'));
throw new XmlrpcUserNotFoundException(get_string('errnoxmlrcpinstances','auth').htmlentities($remotewwwroot, ENT_QUOTES, 'UTF-8'));
} else {
throw new UserNotFoundException(get_string('errnoxmlrcpuser','auth'));
throw new XmlrpcUserNotFoundException(get_string('errnoxmlrpcuser','auth'));
}
?>
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment