def is_lasso_ecp_enabled():
- # Full ECP support appeared in lasso version 2.4.2
- return lasso.checkVersion(2, 4, 2, lasso.CHECK_VERSION_NUMERIC)
+ # Look for an exported symbol we know was added with ECP support
+ return 'ECP_ERROR_MISSING_AUTHN_REQUEST' in dir(lasso)
class SSO_SOAP(AuthenticateRequest):
self.debug('Continue auth for %s' % user.name)
if 'saml2_request' not in transdata:
- self.debug("Couldn't find Request dump?!")
+ self.error("Couldn't find Request dump in transaction?!")
# TODO: Return to SP with auth failed error
raise cherrypy.HTTPError(400)
dump = transdata['saml2_request']
try:
login = self.cfg.idp.get_login_handler(dump)
except Exception, e: # pylint: disable=broad-except
- self.debug('Failed to load status from dump: %r' % e)
+ self.error('Failed to load login status from dump: %r' % e)
if not login:
- self.debug("Empty Request dump?!")
+ self.error("Empty login Request dump?!")
# TODO: Return to SP with auth failed error
raise cherrypy.HTTPError(400)
self.sessionfactory = SAMLSessionFactory(
database_url=self.get_config_value('session database url')
)
- # Schedule cleanups
- # pylint: disable=protected-access
- bt = cherrypy.process.plugins.BackgroundTask(
- 60, self.sessionfactory._ss.remove_expired_sessions
- )
- bt.start()
# Init IDP data
try:
idp = IdentityProvider(self,
sessionfactory=self.sessionfactory)
except Exception, e: # pylint: disable=broad-except
- self.debug('Failed to init SAML2 provider: %r' % e)
+ self.error('Failed to init SAML2 provider: %r' % e)
return None
self._root.logout.add_handler(self.name, self.idp_initiated_logout)
try:
idp.add_provider(sp)
except Exception, e: # pylint: disable=broad-except
- self.debug('Failed to add SP %s: %r' % (sp['name'], e))
+ self.error('Failed to add SP %s: %r' % (sp['name'], e))
return idp