| author | Simon Rettberg | 2016-09-09 14:57:51 +0200 |
|---|---|---|
| committer | Simon Rettberg | 2016-09-09 14:57:51 +0200 |
| commit | 36098629405622ca2eb6644997a3c1b057793d4b (patch) | |
| tree | 6a0dcf8888de73716471fb00949baa33e735380b | |
| parent | [screen-standby] +x! +x everywhere! (diff) | |
[pam-bwidm] Generate random ID so consecutive logins don't fail
| -rw-r--r-- | remote/modules/pam-bwidm/data/opt/openslx/bwidm_soap.xml | 8 | ||||
| -rwxr-xr-x | remote/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm | 4 |
2 files changed, 10 insertions, 2 deletions
diff --git a/remote/modules/pam-bwidm/data/opt/openslx/bwidm_soap.xml b/remote/modules/pam-bwidm/data/opt/openslx/bwidm_soap.xml
index ed456f9c..ec7f3ff8 100644
--- a/remote/modules/pam-bwidm/data/opt/openslx/bwidm_soap.xml
+++ b/remote/modules/pam-bwidm/data/opt/openslx/bwidm_soap.xml
@@ -1,6 +1,12 @@
 <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
 <S:Body>
- <samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceURL="https://bwlp-masterserver.ruf.uni-freiburg.de/Shibboleth.sso/SAML2/ECP" ID="_ff000aafc030c5f0000dbf634b2f0000" IssueInstant="%TIMESTAMP%" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Version="2.0">
+ <samlp:AuthnRequest
+ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+ AssertionConsumerServiceURL="https://bwlp-masterserver.ruf.uni-freiburg.de/Shibboleth.sso/SAML2/ECP"
+ ID="%REQUESTID%"
+ IssueInstant="%TIMESTAMP%"
+ ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
+ Version="2.0">
 <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://bwlp-masterserver.ruf.uni-freiburg.de/shibboleth</saml:Issuer>
 <samlp:NameIDPolicy AllowCreate="1"/>
 </samlp:AuthnRequest>
diff --git a/remote/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm b/remote/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm
index ae62c7ee..92379719 100755
--- a/remote/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm
+++ b/remote/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm 
@@ -138,7 +138,9 @@ if [ "x$PAM_TYPE" == "xauth" ]; then
 CT='Content-Type: application/vnd.paos+xml; charset=utf-8'
 NOW=$(date -u '+%Y-%m-%dT%H:%M:%SZ')
 HOST=$(echo "${USER_ECP_URL}" | awk -F '/' '{print $3}')
- REQUEST=$(sed "s/%TIMESTAMP%/${NOW}/g" "${SOAP_ENVELOPE}")
+ RID="_c${RANDOM}a${RANDOM}f${RANDOM}f${RANDOM}e${RANDOM}e${RANDOM}"
+ RID="${RID:0:32}"
+ REQUEST=$(sed "s/%TIMESTAMP%/${NOW}/g;s/%REQUESTID%/${RID}/g" "${SOAP_ENVELOPE}")
 NETRC=$(mktemp -p /run/)
 [ -z "$NETRC" ] && NETRC="/run/netrc_$$_${USER}_${RANDOM}.tmp"
 touch "$NETRC" |
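Review bot: The request ID assembled on the two added `RID=` lines comes from bash's `$RANDOM`, which yields 15-bit values from a small-state generator that is not meant for security, so the ID falls well short of the 128 bits of randomness the SAML 2.0 core specification asks for in message identifiers. If the ECP response's InResponseTo is correlated against this ID, a guessable value weakens that check, so I would draw it from the kernel CSPRNG instead, e.g. `RID="_$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')"`, which gives an underscore plus 32 hex digits and makes the `${RID:0:32}` truncation unnecessary. A short comment above it such as `# SAML AuthnRequest ID: unique per request, must not start with a digit (xs:ID)` would explain the leading underscore. The enclosing `if [ "x$PAM_TYPE" == "xauth" ]` block starts and ends outside this hunk.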
