diff options
| author | Joseph Reynolds <joseph-reynolds@charter.net> | 2020-01-14 16:34:09 -0600 |
|---|---|---|
| committer | Joseph Reynolds <joseph-reynolds@charter.net> | 2020-01-30 16:24:12 +0000 |
| commit | d887fff197b2fc3357bcbb1adb028521699a204a (patch) | |
| tree | cd2038b1dfd796becf9444d27b1024ca5dc4b7d7 /redfish-core | |
| parent | d04ba325f3ef4e60eb4fd8e7477af78d1be0d79d (diff) | |
| download | bmcweb-d887fff197b2fc3357bcbb1adb028521699a204a.tar.gz bmcweb-d887fff197b2fc3357bcbb1adb028521699a204a.zip | |
Enhance return value from pamAuthenticateUser
This enhances the return value from the pamAuthenticateUser function so
callers can articulate PAM error codes like PAM_NEW_AUTHTOK_REQD which
means the credentials are correct, but the password must be changed.
Tested: Yes, scenarios via both Redfish login and Basic Auth:
- correct username and password, password is not expired
- correct username and password, password is expired
- correct username and incorrect password, password is not expired
- correct username and incorrect password, password is expired
- non-existent user (passsword is not relevant)
Signed-off-by: Joseph Reynolds <joseph-reynolds@charter.net>
Change-Id: I1114d6c9cc591fb0a1853cb4edea32ad22f7b015
Diffstat (limited to 'redfish-core')
| -rw-r--r-- | redfish-core/lib/redfish_sessions.hpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/redfish-core/lib/redfish_sessions.hpp b/redfish-core/lib/redfish_sessions.hpp index 88f250b..0094858 100644 --- a/redfish-core/lib/redfish_sessions.hpp +++ b/redfish-core/lib/redfish_sessions.hpp @@ -196,7 +196,7 @@ class SessionCollection : public Node return; } - if (!pamAuthenticateUser(username, password)) + if (pamAuthenticateUser(username, password) != PAM_SUCCESS) { messages::resourceAtUriUnauthorized(res, std::string(req.url), "Invalid username or password"); |
