Author: acoburn
Date: Fri Sep 7 14:13:48 2012
New Revision: 1382035
URL: http://svn.apache.org/viewvc?rev=1382035&view=rev
Log:
VCL-608
fixed this in the bug-fix release as well. See related commit in trunk.
Modified:
vcl/branches/vcl-2.3-bugfixes/web/.ht-inc/utils.php
Modified: vcl/branches/vcl-2.3-bugfixes/web/.ht-inc/utils.php
URL:
http://svn.apache.org/viewvc/vcl/branches/vcl-2.3-bugfixes/web/.ht-inc/utils.php?rev=1382035&r1=1382034&r2=1382035&view=diff
==============================================================================
--- vcl/branches/vcl-2.3-bugfixes/web/.ht-inc/utils.php (original)
+++ vcl/branches/vcl-2.3-bugfixes/web/.ht-inc/utils.php Fri Sep 7 14:13:48 2012
@@ -325,7 +325,7 @@ function initGlobals() {
function checkAccess() {
global $mode, $user, $actionFunction, $authMechs;
global $itecsauthkey, $ENABLE_ITECSAUTH, $actions, $noHTMLwrappers;
- global $inContinuation, $docreaders;
+ global $inContinuation, $docreaders, $apiValidateFunc;
if($mode == 'xmlrpccall') {
// double check for SSL
if(! isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") {
@@ -439,6 +439,16 @@ function checkAccess() {
exit;
}
}
+ elseif($authMechs[$authtype]['type'] == 'redirect'){
+ $affilid = $authMechs[$authtype]['affiliationid'];
+ if(!(isset($apiValidateFunc) && is_array($apiValidateFunc) &&
+ array_key_exists($affilid, $apiValidateFunc) &&
+ $apiValidateFunc[$affilid]($xmluser, $xmlpass))){
+ printXMLRPCerror(3); # access denied
+ dbDisconnect();
+ exit;
+ }
+ }
else {
printXMLRPCerror(6); # unable to auth passed
in X-User
dbDisconnect();
