diff --git a/www/aselect/handler.php b/www/aselect/handler.php
index 38dbf2a5715eea01b91c35f0d45250ae153e5e9a..795456eed71280d3cafddb580aea93aba51c9eb4 100644
--- a/www/aselect/handler.php
+++ b/www/aselect/handler.php
@@ -122,7 +122,7 @@ session_start(); // log an error and throw an exception function as_error_exception($msg) {
- SimpleSAML_Logger::notice(array('1', 'aselect', 'handler', 'request', 'access', $msg));
+ SimpleSAML_Logger::info(array('1', 'aselect', 'handler', 'request', 'access', $msg));
 throw new Exception($msg); }
@@ -438,7 +438,7 @@ function as_request_bridge_return() { // demultiplex incoming request try {
- SimpleSAML_Logger::notice(array('1', 'aselect', 'handler', 'request', 'access', $_SERVER['REQUEST_URI']));
+ SimpleSAML_Logger::info(array('1', 'aselect', 'handler', 'request', 'access', $_SERVER['REQUEST_URI']));
 if ($_GET['request']) { $handler = 'as_request_' . $_GET['request']; $handler();
diff --git a/www/auth/login-admin.php b/www/auth/login-admin.php
index d2d113d62da6cc0ae41239c96584c7291400fb74..65e86828b1143f58a6ada80e8617a64f6b168c1b 100644
--- a/www/auth/login-admin.php
+++ b/www/auth/login-admin.php
@@ -60,7 +60,7 @@ if (isset($_POST['password'])) { 'value' => SimpleSAML_Utilities::generateID(), 'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'));
- SimpleSAML_Logger::notice('AUTH - admin: '. $username . ' successfully authenticated');
+ SimpleSAML_Logger::info('AUTH - admin: '. $username . ' successfully authenticated');
 /** * Create a statistics log entry for every successfull login attempt.
diff --git a/www/auth/login-feide.php b/www/auth/login-feide.php
index 1e76036a4ee44d3dab91daa9bd21d5d0449043be..71b1932745ce96feec77816c3e47262a8ab77675 100644
--- a/www/auth/login-feide.php
+++ b/www/auth/login-feide.php
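Review bot: In the `@@ -122` hunk of www/aselect/handler.php, `as_error_exception()` is commented as logging an error, yet its message now goes out at info level, so a deployment whose log threshold sits at notice or above would presumably stop recording these failures. The same demotion applies to the failed-authentication messages in www/auth/login-feide.php (`@@ -112`), login-ldapmulti.php (`@@ -64`), login-radius.php (`@@ -108`) and login.php (`@@ -83`), which are the entries that brute-force and lockout monitoring depend on. I would keep error and failed-login paths at a higher severity, for example `SimpleSAML_Logger::warning(array('1', 'aselect', 'handler', 'request', 'access', $msg));`, and move only the routine flow messages to info.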
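Review bot: The context lines of the `@@ -438` hunk in www/aselect/handler.php build a function name from `$_GET['request']` and call it (`$handler = 'as_request_' . $_GET['request']; $handler();`) with no check that the name is one of the handlers this file defines. The `as_request_` prefix narrows what can be reached, but the value should still be tested against an explicit list, e.g. `if (!in_array($_GET['request'], $allowedRequests, true)) { as_error_exception('unknown request'); }`, where `$allowedRequests` is a placeholder for the handler names. `$_GET['request']` is also read without `isset()`, and the raw `$_SERVER['REQUEST_URI']` logged on the changed line includes the query string, which may carry protocol parameters that do not belong in a general log. The try block continues outside the hunk.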
@@ -112,7 +112,7 @@ if (isset($_REQUEST['username'])) { * Do LDAP bind using DN found from the search on ePPN. */ if (!$ldap->bind($dn, $password)) {
- SimpleSAML_Logger::notice('AUTH - ldap-feide: '. $requestedUser . ' failed to authenticate. DN=' . $dn);
+ SimpleSAML_Logger::info('AUTH - ldap-feide: '. $requestedUser . ' failed to authenticate. DN=' . $dn);
 throw new Exception('Wrong username or password'); }
@@ -121,7 +121,7 @@ if (isset($_REQUEST['username'])) { */ $attributes = $ldap->getAttributes($dn, $ldapconfig['attributes']);
- SimpleSAML_Logger::notice('AUTH - ldap-feide: '. $requestedUser . ' successfully authenticated');
+ SimpleSAML_Logger::info('AUTH - ldap-feide: '. $requestedUser . ' successfully authenticated');
 $session->setAuthenticated(true, 'login-feide'); $session->setAttributes($attributes);
diff --git a/www/auth/login-ldapmulti.php b/www/auth/login-ldapmulti.php
index 204364905f1c6058b140566ff2d88cd1a4f59ba7..d32370d463a10cc716ce9347491cd956db74ee9d 100644
--- a/www/auth/login-ldapmulti.php
+++ b/www/auth/login-ldapmulti.php
@@ -64,7 +64,7 @@ if (isset($_POST['username'])) { ldap_error($ds) . "] ErrNo=[" . ldap_errno($ds) . "]";
- SimpleSAML_Logger::notice('AUTH - ldap-multi: '. $_POST['username'] . ' failed to authenticate');
+ SimpleSAML_Logger::info('AUTH - ldap-multi: '. $_POST['username'] . ' failed to authenticate');
 } else { $sr = ldap_read($ds, $dn, $ldapconfig['attributes'] );
@@ -85,7 +85,7 @@ if (isset($_POST['username'])) { //print_r($ldapentries); //print_r($attributes);
- SimpleSAML_Logger::notice('AUTH - ldap-multi: '. $_POST['username'] . ' successfully authenticated');
+ SimpleSAML_Logger::info('AUTH - ldap-multi: '. $_POST['username'] . ' successfully authenticated');
 $session->setAuthenticated(true, 'login-ldapmulti');
diff --git a/www/auth/login-radius.php b/www/auth/login-radius.php
index 710dea1720bd98d62498228be15da5018908c05d..c073f83d220521ac260438b5919c8fbfd2eae0a7 100644
--- a/www/auth/login-radius.php
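Review bot: `$_POST['username']` is concatenated into the log message unfiltered in the `@@ -64` and `@@ -85` hunks of www/auth/login-ldapmulti.php, so line breaks or control characters in the submitted name can split or forge log entries unless `SimpleSAML_Logger` already neutralises them, which is not visible here. The same pattern is in www/auth/login-radius.php (`@@ -81`, `@@ -108`), and `$requestedUser` in login-feide.php and `$username` in login-admin.php and login.php presumably come from the request as well. Strip control characters before logging, e.g. `$logUser = preg_replace('/[\x00-\x1f\x7f]/', '?', $_POST['username']);`, or do it once inside the logger so every call site is covered.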
+++ b/www/auth/login-radius.php
@@ -81,7 +81,7 @@ if (isset($_POST['username'])) { //$attributes = array('urn:mace:eduroam.no:username' => array($_POST['username']));
- SimpleSAML_Logger::notice('AUTH - radius: '. $_POST['username'] . ' successfully authenticated');
+ SimpleSAML_Logger::info('AUTH - radius: '. $_POST['username'] . ' successfully authenticated');
 $session->setAuthenticated(true, 'login-radius');
@@ -108,7 +108,7 @@ if (isset($_POST['username'])) { case RADIUS_ACCESS_REJECT:
- SimpleSAML_Logger::notice('AUTH - radius: '. $_POST['username'] . ' failed to authenticate');
+ SimpleSAML_Logger::info('AUTH - radius: '. $_POST['username'] . ' failed to authenticate');
 throw new Exception('Radius authentication error: Bad credentials '); break; case RADIUS_ACCESS_CHALLENGE:
diff --git a/www/auth/login.php b/www/auth/login.php
index 44806ff0b63d6259ff4974c3152e2eeb94177aa3..8e0c797490cb3c6afbd8d4c8ed8190411d3f6274 100644
--- a/www/auth/login.php
+++ b/www/auth/login.php
@@ -83,7 +83,7 @@ if (isset($_POST['username'])) { $error = "Bind failed, wrong username or password. Tried with DN=[" . $dn . "] DNPattern=[" . $config->getValue('auth.ldap.dnpattern') . "] Error=[" . ldap_error($ds) . "] ErrNo=[" . ldap_errno($ds) . "]";
- SimpleSAML_Logger::notice('AUTH - ldap: '. $username . ' failed to authenticate');
+ SimpleSAML_Logger::info('AUTH - ldap: '. $username . ' failed to authenticate');
 } else { $sr = ldap_read($ds, $dn, $config->getValue('auth.ldap.attributes'));
@@ -137,7 +137,7 @@ if (isset($_POST['username'])) { 'value' => SimpleSAML_Utilities::generateID(), 'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'));
- SimpleSAML_Logger::notice('AUTH - ldap: '. $username . ' successfully authenticated');
+ SimpleSAML_Logger::info('AUTH - ldap: '. $username . ' successfully authenticated');
 SimpleSAML_Utilities::redirect($relaystate);
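Review bot: In the `@@ -83` hunk of www/auth/login.php the `$error` string built just above the changed line contains the bind DN, the configured `auth.ldap.dnpattern` and the raw LDAP error text, while the log entry records only the username. Where `$error` ends up is outside the hunk; if it is rendered on the login page, it tells an unauthenticated visitor how the directory is laid out. I would show a generic wrong-username-or-password message and send the detail to the log instead, e.g. `SimpleSAML_Logger::info('AUTH - ldap: ' . $username . ' failed to authenticate: ' . $error);`. www/auth/login-ldapmulti.php (`@@ -64`) appears to build a similar string.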
diff --git a/www/saml2/idp/SSOService.php b/www/saml2/idp/SSOService.php
index ca92e057acfcce25654c148520ee680c0c712ca5..e5e5dd04f0b41fc8d4de74c2a1e492f24f650d6f 100644
--- a/www/saml2/idp/SSOService.php
+++ b/www/saml2/idp/SSOService.php
@@ -128,7 +128,7 @@ $authority = isset($idpmetadata['authority']) ? $idpmetadata['authority'] : null if (!isset($session) || !$session->isValid($authority) ) {
- SimpleSAML_Logger::notice('SAML2.0 - IdP.SSOService: Will go to authentication module ' . $idpmetadata['auth']);
+ SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: Will go to authentication module ' . $idpmetadata['auth']);
 $relaystate = SimpleSAML_Utilities::selfURLNoQuery() . '?RequestID=' . urlencode($requestid);
@@ -157,7 +157,7 @@ if (!isset($session) || !$session->isValid($authority) ) { if (!isset($_GET['consent'])) {
- SimpleSAML_Logger::notice('SAML2.0 - IdP.SSOService: Requires consent from user for attribute release');
+ SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: Requires consent from user for attribute release');
 $t = new SimpleSAML_XHTML_Template($config, 'consent.php'); $t->data['header'] = 'Consent';
@@ -169,7 +169,7 @@ if (!isset($session) || !$session->isValid($authority) ) { } else {
- SimpleSAML_Logger::notice('SAML2.0 - IdP.SSOService: Got consent from user');
+ SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: Got consent from user');
 } }
@@ -178,7 +178,7 @@ if (!isset($session) || !$session->isValid($authority) ) { // Right now the list is used for SAML 2.0 only. $session->add_sp_session($spentityid);
- SimpleSAML_Logger::notice('SAML2.0 - IdP.SSOService: Sending back AuthnResponse to '.$spentityid);
+ SimpleSAML_Logger::info('SAML2.0 - IdP.SSOService: Sending back AuthnResponse to '.$spentityid);
diff --git a/www/saml2/idp/SingleLogoutService.php b/www/saml2/idp/SingleLogoutService.php
index 48eb9a061b59c4085419bf30dee2ab0a1947f325..05ff903c73d4dd184670c1808702b7bffcd6cbaf 100644
--- a/www/saml2/idp/SingleLogoutService.php
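Review bot: The `@@ -157` and `@@ -169` hunks of www/saml2/idp/SSOService.php treat the mere presence of `$_GET['consent']` as the user's consent to attribute release, so any request that already carries that parameter skips the consent page and is logged as 'Got consent from user'. Consent should be bound to the session and to the SP being asked about, for instance a random value stored in the session when the consent page is rendered and compared on return. The surrounding block starts outside the hunks, so an existing check of that kind may simply not be visible here.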
+++ b/www/saml2/idp/SingleLogoutService.php
@@ -79,7 +79,7 @@ if (isset($_GET['SAMLRequest'])) { $responder = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
- SimpleSAML_Logger::notice('SAML2.0 - IdP.SingleLogoutService: got Logoutrequest from ' . $logoutrequest->getIssuer());
+ SimpleSAML_Logger::info('SAML2.0 - IdP.SingleLogoutService: got Logoutrequest from ' . $logoutrequest->getIssuer());
 SimpleSAML_Logger::stats('saml20-idp-SLO spinit ' . $requester . ' ' . $responder); /* Check if we have a valid session. */
@@ -139,7 +139,7 @@ if (isset($_GET['SAMLRequest'])) { $loginresponse = $binding->decodeLogoutResponse($_GET); if ($binding->validateQuery($loginresponse->getIssuer(),'SP','SAMLResponse')) {
- SimpleSAML_Logger::notice('SAML2.0 - IDP.SingleLogoutService: Valid signature found');
+ SimpleSAML_Logger::info('SAML2.0 - IDP.SingleLogoutService: Valid signature found');
 }
@@ -160,7 +160,7 @@ if (isset($_GET['SAMLRequest'])) { $session->set_sp_logout_completed($loginresponse->getIssuer());
- SimpleSAML_Logger::notice('SAML2.0 - IDP.SingleLogoutService: got LogoutResponse from ' . $loginresponse->getIssuer());
+ SimpleSAML_Logger::info('SAML2.0 - IDP.SingleLogoutService: got LogoutResponse from ' . $loginresponse->getIssuer());
 } else { SimpleSAML_Utilities::fatalError($session->getTrackID(), 'SLOSERVICEPARAMS');
@@ -177,7 +177,7 @@ $session->dump_sp_sessions(); $spentityid = $session->get_next_sp_logout(); if ($spentityid) {
- SimpleSAML_Logger::notice('SAML2.0 - IDP.SingleLogoutService: Logout next SP ' . $spentityid);
+ SimpleSAML_Logger::info('SAML2.0 - IDP.SingleLogoutService: Logout next SP ' . $spentityid);
 try { $lr = new SimpleSAML_XML_SAML20_LogoutRequest($config, $metadata);
diff --git a/www/saml2/idp/metadata.php b/www/saml2/idp/metadata.php
index 0055f956d1d9e5767fa3ddf7346f814df3c1f42c..19e3208310e7f28eeeb552171c75228a14c14425 100644
--- a/www/saml2/idp/metadata.php
+++ b/www/saml2/idp/metadata.php
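Review bot: In the `@@ -139` hunk of www/saml2/idp/SingleLogoutService.php the result of `$binding->validateQuery(...)` only decides whether 'Valid signature found' is logged; there is no else branch, and the `@@ -160` hunk goes on to call `$session->set_sp_logout_completed(...)` for the issuer. Unless `validateQuery()` throws on a bad signature, which is not visible here, an unsigned or wrongly signed LogoutResponse is handled like a valid one. The same log-only check is in www/saml2/sp/SingleLogoutService.php (`@@ -44`, `@@ -88`). A failing branch such as `else { throw new Exception('Invalid signature on LogoutResponse'); }` would make the intended behaviour explicit.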
@@ -18,13 +18,6 @@ if (!$config->getValue('enable.saml20-idp', false)) SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS');
-/* Check if valid local session exists.. */
-if (!isset($session) || !$session->isValid('login-admin') ) {
- SimpleSAML_Utilities::redirect('/' . $config->getValue('baseurlpath') . 'auth/login-admin.php',
- array('RelayState' => SimpleSAML_Utilities::selfURL())
- );
-}
-
 try {
diff --git a/www/saml2/sp/AssertionConsumerService.php b/www/saml2/sp/AssertionConsumerService.php
index 5558b74c8ca20b6cf6d86950c5f6e1563c425ce2..12eefa6c90c77e3c16937461599b7c4b29727f0f 100644
--- a/www/saml2/sp/AssertionConsumerService.php
+++ b/www/saml2/sp/AssertionConsumerService.php
@@ -47,7 +47,7 @@ try { $authnResponse->process();
- SimpleSAML_Logger::notice('SAML2.0 - SP.AssertionConsumerService: Successfully created local session from Authentication Response');
+ SimpleSAML_Logger::info('SAML2.0 - SP.AssertionConsumerService: Successfully created local session from Authentication Response');
 /**
diff --git a/www/saml2/sp/SingleLogoutService.php b/www/saml2/sp/SingleLogoutService.php
index a8200db7d25fc90249ccca5bdcc98b140df6b6fc..94d59d9518043ed6e2b7fa5fbb4572a11cf0168d 100644
--- a/www/saml2/sp/SingleLogoutService.php
+++ b/www/saml2/sp/SingleLogoutService.php
@@ -44,7 +44,7 @@ if (isset($_GET['SAMLRequest'])) { $logoutrequest = $binding->decodeLogoutRequest($_GET); if ($binding->validateQuery($logoutrequest->getIssuer(),'SP')) {
- SimpleSAML_Logger::notice('SAML2.0 - SP.SingleLogoutService: Valid signature found for '.$requestid);
+ SimpleSAML_Logger::info('SAML2.0 - SP.SingleLogoutService: Valid signature found for '.$requestid);
 } // Extract some parameters from the logout request
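Review bot: The changed line in the `@@ -44` hunk of www/saml2/sp/SingleLogoutService.php interpolates `$requestid`, but the following context line is the comment 'Extract some parameters from the logout request', which suggests the variable is only assigned afterwards. If so, the message logs an empty id and raises an undefined-variable notice, and the audit trail cannot tie the signature check to a request. Either move the log call below the extraction or take the id from `$logoutrequest` directly. The assignment itself is outside the hunk, so this needs confirming against the full file.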
@@ -55,7 +55,7 @@ if (isset($_GET['SAMLRequest'])) { //$responder = $config->getValue('saml2-hosted-sp'); $responder = $metadata->getMetaDataCurrentEntityID();
- SimpleSAML_Logger::notice('SAML2.0 - SP.SingleLogoutService: IdP (' . $requester . ') is sending logout request to me SP (' . $responder . ') requestid '.$requestid);
+ SimpleSAML_Logger::info('SAML2.0 - SP.SingleLogoutService: IdP (' . $requester . ') is sending logout request to me SP (' . $responder . ') requestid '.$requestid);
 SimpleSAML_Logger::stats('saml20-idp-SLO idpinit ' . $responder . ' ' . $requester); // Create a logout response
@@ -67,7 +67,7 @@ if (isset($_GET['SAMLRequest'])) { $httpredirect = new SimpleSAML_Bindings_SAML20_HTTPRedirect($config, $metadata);
- SimpleSAML_Logger::notice('SAML2.0 - SP.SingleLogoutService: SP me (' . $responder . ') is sending logout response to IdP (' . $requester . ')');
+ SimpleSAML_Logger::info('SAML2.0 - SP.SingleLogoutService: SP me (' . $responder . ') is sending logout response to IdP (' . $requester . ')');
 // Send the Logout response using HTTP POST binding. $httpredirect->sendMessage($logoutResponseXML, $responser, $requester, $logoutrequest->getRelayState(), 'SingleLogoutServiceResponse', 'SAMLResponse');
@@ -88,7 +88,7 @@ if (isset($_GET['SAMLRequest'])) { $logoutresponse = $binding->decodeLogoutResponse($_GET); if ($binding->validateQuery($logoutresponse->getIssuer(),'SP','SAMLResponse')) {
- SimpleSAML_Logger::notice('SAML2.0 - SP.SingleLogoutService: Valid signature found');
+ SimpleSAML_Logger::info('SAML2.0 - SP.SingleLogoutService: Valid signature found');
 } } catch(Exception $exception) {
diff --git a/www/saml2/sp/initSLO.php b/www/saml2/sp/initSLO.php
index afc19688ed24d1f60a82be0465c10ebe961b4e10..f803327469506df1f97f0ed3ba297f7ff177c719 100644
--- a/www/saml2/sp/initSLO.php
+++ b/www/saml2/sp/initSLO.php
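Review bot: The `sendMessage()` call in the `@@ -67` hunk of www/saml2/sp/SingleLogoutService.php passes `$responser`, while the other visible lines of this file use `$responder` (assigned in the `@@ -55` hunk), so this looks like a misspelling that hands an undefined value to the binding as the sender. The argument should read `$httpredirect->sendMessage($logoutResponseXML, $responder, $requester, ...)`. The comment above it also says 'HTTP POST binding' although the object is a `SimpleSAML_Bindings_SAML20_HTTPRedirect`; I would correct it to `// Send the Logout response using the HTTP-Redirect binding.`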
@@ -42,7 +42,7 @@ if (isset($session) ) { $relayState = $_REQUEST['RelayState']; }
- SimpleSAML_Logger::notice('SAML2.0 - SP.initSLO: SP (' . $spentityid . ') is sending logout request to IdP (' . $idpentityid . ')');
+ SimpleSAML_Logger::info('SAML2.0 - SP.initSLO: SP (' . $spentityid . ') is sending logout request to IdP (' . $idpentityid . ')');
 $httpredirect->sendMessage($req, $spentityid, $idpentityid, $relayState, 'SingleLogoutService', 'SAMLRequest', 'SP');
@@ -57,7 +57,7 @@ if (isset($session) ) { SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NORELAYSTATE'); $relaystate = $_REQUEST['RelayState'];
- SimpleSAML_Logger::notice('SAML2.0 - SP.initSLO: User is already logged out. Go back to relaystate');
+ SimpleSAML_Logger::info('SAML2.0 - SP.initSLO: User is already logged out. Go back to relaystate');
 SimpleSAML_Utilities::redirect($relaystate); }
diff --git a/www/saml2/sp/initSSO.php b/www/saml2/sp/initSSO.php
index 50d64c5734e1bb95b2451f583064f672c1503ab1..c26210b16f4f80b7050545e3d83052c19ee13c3f 100644
--- a/www/saml2/sp/initSSO.php
+++ b/www/saml2/sp/initSSO.php
@@ -44,7 +44,7 @@ if (!isset($session) || !$session->isValid('saml2') ) { if ($idpentityid == null) {
- SimpleSAML_Logger::notice('SAML2.0 - SP.initSSO: No chosen or default IdP, go to SAML2disco');
+ SimpleSAML_Logger::info('SAML2.0 - SP.initSSO: No chosen or default IdP, go to SAML2disco');
 $returnURL = urlencode(SimpleSAML_Utilities::selfURL()); $discservice = '/' . $config->getValue('baseurlpath') . 'saml2/sp/idpdisco.php?entityID=' . $spentityid . 
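Review bot: In the `@@ -57` hunk of www/saml2/sp/initSLO.php `$_REQUEST['RelayState']` is passed straight to `SimpleSAML_Utilities::redirect($relaystate)`, so the endpoint can act as an open redirect to whatever URL a link supplies; www/saml2/sp/initSSO.php (`@@ -82`) does the same with `$_GET['RelayState']`. Before redirecting, the target should be checked against the hosts this SP is willing to send users back to, and the request ended with `SimpleSAML_Utilities::fatalError()` otherwise. Whether `redirect()` performs such a check internally is not visible in this diff.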
@@ -67,7 +67,7 @@ if (!isset($session) || !$session->isValid('saml2') ) { $relayState = $_GET['RelayState']; }
- SimpleSAML_Logger::notice('SAML2.0 - SP.initSSO: SP (' . $spentityid . ') is sending AuthNRequest to IdP (' . $idpentityid . ')');
+ SimpleSAML_Logger::info('SAML2.0 - SP.initSSO: SP (' . $spentityid . ') is sending AuthNRequest to IdP (' . $idpentityid . ')');
 $httpredirect->sendMessage($req, $spentityid, $idpentityid, $relayState);
@@ -82,7 +82,7 @@ if (!isset($session) || !$session->isValid('saml2') ) { $relaystate = $_GET['RelayState']; if (isset($relaystate) && !empty($relaystate)) {
- SimpleSAML_Logger::notice('SAML2.0 - SP.initSSO: Already Authenticated, Go back to RelayState');
+ SimpleSAML_Logger::info('SAML2.0 - SP.initSSO: Already Authenticated, Go back to RelayState');
 SimpleSAML_Utilities::redirect($relaystate); } else { SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NORELAYSTATE');
diff --git a/www/shib13/idp/metadata.php b/www/shib13/idp/metadata.php
index 84e0672e679736e16bb78dba2feead518872da46..acafbc88941b3dcc7a809d262676e93eb67281bb 100644
--- a/www/shib13/idp/metadata.php
+++ b/www/shib13/idp/metadata.php
@@ -18,13 +18,6 @@ if (!$config->getValue('enable.shib13-idp', false)) SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS');
-/* Check if valid local session exists.. */
-if (!isset($session) || !$session->isValid('login-admin') ) {
- SimpleSAML_Utilities::redirect('/' . $config->getValue('baseurlpath') . 'auth/login-admin.php',
- array('RelayState' => SimpleSAML_Utilities::selfURL())
- );
-}
-
 try {
diff --git a/www/shib13/sp/AssertionConsumerService.php b/www/shib13/sp/AssertionConsumerService.php
index 6c48f3384301b7ef1051d7fca73c0bc28914bf2c..1b106655036850966f9a8a25c18388ecf9a6ccf3 100644
--- a/www/shib13/sp/AssertionConsumerService.php
+++ b/www/shib13/sp/AssertionConsumerService.php
@@ -37,7 +37,7 @@ try { if (isset($session)) {
- SimpleSAML_Logger::notice('Shib1.3 - SP.AssertionConsumerService: Successfully created local session from Authentication Response');
+ SimpleSAML_Logger::info('Shib1.3 - SP.AssertionConsumerService: Successfully created local session from Authentication Response');
 /** * Make a log entry in the statistics for this SSO login.
diff --git a/www/shib13/sp/initSSO.php b/www/shib13/sp/initSSO.php
index eb8de42dd171d858c66646c29c723d160b1324fd..bc7ec229dbcb6915ea23402fde5c7650f87645ee 100644
--- a/www/shib13/sp/initSSO.php
+++ b/www/shib13/sp/initSSO.php
@@ -46,7 +46,7 @@ if (!isset($session) || !$session->isValid('shib13') ) { if ($idpentityid == null) {
- SimpleSAML_Logger::notice('Shib1.3 - SP.initSSO: No chosen or default IdP, go to Shib13disco');
+ SimpleSAML_Logger::info('Shib1.3 - SP.initSSO: No chosen or default IdP, go to Shib13disco');
 $returnURL = urlencode(SimpleSAML_Utilities::selfURL()); $discservice = '/' . $config->getValue('baseurlpath') . 'shib13/sp/idpdisco.php?entityID=' . $spentityid .
@@ -62,7 +62,7 @@ if (!isset($session) || !$session->isValid('shib13') ) { if(isset($_GET['RelayState'])) $ar->setRelayState($_GET['RelayState']);
- SimpleSAML_Logger::notice('Shib1.3 - SP.initSSO: SP (' . $spentityid . ') is sending AuthNRequest to IdP (' . $idpentityid . ')');
+ SimpleSAML_Logger::info('Shib1.3 - SP.initSSO: SP (' . $spentityid . ') is sending AuthNRequest to IdP (' . $idpentityid . ')');
 $url = $ar->createRedirect($idpentityid); SimpleSAML_Utilities::redirect($url);
@@ -77,7 +77,7 @@ if (!isset($session) || !$session->isValid('shib13') ) { $relaystate = $session->getRelayState(); if (isset($relaystate) && !empty($relaystate)) {
- SimpleSAML_Logger::notice('Shib1.3 - SP.initSSO: Already Authenticated, Go back to RelayState');
+ SimpleSAML_Logger::info('Shib1.3 - SP.initSSO: Already Authenticated, Go back to RelayState');
 SimpleSAML_Utilities::redirect($relaystate); } else { SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NORELAYSTATE');