Fixed the case where a user would manually log in with an unknown username

author exe-cutor <exe-cutor>

Wed, 12 Apr 2006 14:54:01 +0000 (14:54 +0000)

committer exe-cutor <exe-cutor>

Wed, 12 Apr 2006 14:54:01 +0000 (14:54 +0000)
author exe-cutor <exe-cutor>
Wed, 12 Apr 2006 14:54:01 +0000 (14:54 +0000)
committer exe-cutor <exe-cutor>
Wed, 12 Apr 2006 14:54:01 +0000 (14:54 +0000)
diff --git a/auth/shibboleth/lib.php b/auth/shibboleth/lib.php

index 45c5e8f02cb40fef9a0026b85c6d7a2f8f7b2fcd..37f04b9e0f46b5a97c711e242348b6d2c4c8cd67 100755 (executable)
--- a/auth/shibboleth/lib.php
+++ b/auth/shibboleth/lib.php
@@ -8,17 +8,13 @@ function auth_user_login($username, $password) {
  
      $pluginconfig   = get_config('auth/shibboleth');
      
-/// If we are in the shibboleth directory then we trust the server var
+    // If we are in the shibboleth directory then we trust the server var
      if (!empty($_SERVER[$pluginconfig->shib_user_attribute])) {
          return ($_SERVER[$pluginconfig->shib_user_attribute] == $username);
      } else {
-    /// If we are not, then the server is probably set to not be Shibboleth-only
-    /// and the user has used the normal login screen, so we redirect to the shibboleth
-    /// directory for a proper check
-        redirect($CFG->wwwroot.'/auth/shibboleth/index.php');
-    
-    /// There's no point doing anything further here
-        exit;
+    // If we are not, the user has used the manual login and the login name is
+    // unknown, so we return false.
+        return false;
      }
  }
author	exe-cutor <exe-cutor>
	Wed, 12 Apr 2006 14:54:01 +0000 (14:54 +0000)
committer	exe-cutor <exe-cutor>
	Wed, 12 Apr 2006 14:54:01 +0000 (14:54 +0000)