| |
@@ -1,6 +1,7 @@
|
| |
# Copyright (C) 2014 Ipsilon project Contributors, for license see COPYING
|
| |
|
| |
from ipsilon.util.page import Page
|
| |
+ import cherrypy
|
| |
|
| |
|
| |
class Errors(Page):
|
| |
@@ -34,8 +35,13 @@
|
| |
class Error_401(Errors):
|
| |
|
| |
def handler(self, status, message, traceback, version):
|
| |
+ try:
|
| |
+ tid = self.get_valid_transaction('login').transaction_id
|
| |
+ except cherrypy.HTTPError:
|
| |
+ tid = None
|
| |
return self._error_template('unauthorized.html',
|
| |
- title='Unauthorized', message=message)
|
| |
+ title='Unauthorized', message=message,
|
| |
+ ipsilon_transaction_id=tid)
|
| |
|
| |
|
| |
class Error_404(Errors):
|
| |
If we get a 401 during a transaction (i.e. failing authentication),
ipsilon shows the 401 error page, which has a link back to the login
page. Clicking this link causes a new transaction to be created,
losing any in-progress service provider authentication, and not
redirecting back to the SP after a successful transaction.
If we hit the 401 page and there's a current transaction, add the
transaction ID to the link back to the login page, so the current
transaction is preserved.
Signed-off-by: Howard Johnson merlin@merlinthp.org