From 18f3b26eec78b7a5c920d7c87d5fe7aaed093c35 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Ji=C5=99=C3=AD=20Filipovi=C4=8D?= Date: Mon, 18 May 2009 11:39:25 +0000 Subject: [PATCH] Authorization required in all lb-simple operations. --- org.glite.lb.server/src/lb_proto.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/org.glite.lb.server/src/lb_proto.c b/org.glite.lb.server/src/lb_proto.c index 7edb2d7..c3a6d0a 100644 --- a/org.glite.lb.server/src/lb_proto.c +++ b/org.glite.lb.server/src/lb_proto.c @@ -613,8 +613,14 @@ edg_wll_ErrorCode edg_wll_Proto(edg_wll_Context ctx, if (html) text = drain_text_request(requestPTR); + /* Is user authorised? */ + if (!ctx->peerName){ + ret = HTTP_UNAUTH; + edg_wll_SetError(ctx, EPERM, "user not authenticated"); + } + /* GET /: Current User Jobs */ - if (requestPTR[0]=='/' && (requestPTR[1]==' ' || requestPTR[1]=='?')) { + else if (requestPTR[0]=='/' && (requestPTR[1]==' ' || requestPTR[1]=='?')) { edg_wlc_JobId *jobsOut = NULL; int i, flags; -- 1.8.2.3