Add session.disable_fallback option (issue #492).

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3082 44740490-163a-0410-bde0-09ae8108e29a

Add session.disable_fallback option (issue #492).
fd1e3a6b · Andjelko Horvat · 78a53563 · fd1e3a6b · fd1e3a6b · fd1e3a6b
Commit fd1e3a6b authored 13 years ago by Andjelko Horvat
--- a/config-templates/config.php
+++ b/config-templates/config.php
@@ -240,6 +240,12 @@ $config = array (
 	 */
 	'session.cookie.secure' => FALSE,

+	/*
+	 * When set to FALSE fallback to transient session on session initialization
+	 * failure, throw exception otherwise.
+	 */
+	'session.disable_fallback' => FALSE,
+
 	/*
 	 * Enable secure POST from HTTPS to HTTP.
 	 *

--- a/lib/SimpleSAML/Session.php
+++ b/lib/SimpleSAML/Session.php
@@ -45,6 +45,14 @@ class SimpleSAML_Session {
 	private $sessionId;


+	/**
+	 * Transient session flag.
+	 *
+	 * @var boolean|FALSE
+	 */
+	private $transient = FALSE;
+
+
 	/**
 	 * The track id is a new random unique identifier that is generate for each session.
 	 * This is used in the debug logs and error messages to easily track more information
@@ -150,6 +158,7 @@ class SimpleSAML_Session {

 		if ($transient) {
 			$this->trackid = 'XXXXXXXXXX';
+			$this->transient = TRUE;
 			return;
 		}

@@ -249,14 +258,21 @@ class SimpleSAML_Session {
 		try {
 			self::$instance = self::getSession();
 		} catch (Exception $e) {
+			/* For some reason, we were unable to initialize this session. Use a transient session instead. */
+			self::useTransientSession();
+
+			$globalConfig = SimpleSAML_Configuration::getInstance();
+			if ($globalConfig->getBoolean('session.disable_fallback', FALSE) === TRUE) {
+				throw $e;
+			}
+
 			if ($e instanceof SimpleSAML_Error_Exception) {
 				SimpleSAML_Logger::error('Error loading session:');
 				$e->logError();
 			} else {
 				SimpleSAML_Logger::error('Error loading session: ' . $e->getMessage());
 			}
-			/* For some reason, we were unable to initialize this session. Use a transient session instead. */
-			self::useTransientSession();
+
 			return self::$instance;
 		}

@@ -299,6 +315,16 @@ class SimpleSAML_Session {
 	}


+	/**
+	 * Retrieve if session is transient.
+	 *
+	 * @return boolean  The session transient flag.
+	 */
+	public function isTransient() {
+		return $this->transient;
+	}
+
+
 	/**
 	 * Get a unique ID that will be permanent for this session.
 	 * Used for debugging and tracing log files related to a session.

--- a/www/errorreport.php
+++ b/www/errorreport.php
@@ -17,19 +17,27 @@ $reportId = (string)$_REQUEST['reportId'];
 $email = (string)$_REQUEST['email'];
 $text = htmlspecialchars((string)$_REQUEST['text']);

-$session = SimpleSAML_Session::getInstance();
-$data = $session->getData('core:errorreport', $reportId);
+try {
+	$session = SimpleSAML_Session::getInstance();
+	$data = $session->getData('core:errorreport', $reportId);
+} catch (Exception $e) {
+	SimpleSAML_Logger::error('Error loading error report data: ' . var_export($e->getMessage(), TRUE));
+}

 if ($data === NULL) {
 	$data = array(
 		'exceptionMsg' => 'not set',
 		'exceptionTrace' => 'not set',
 		'reportId' => $reportId,
-		'trackId' => $session->getTrackId(),
+		'trackId' => 'not set',
 		'url' => 'not set',
 		'version' => $config->getVersion(),
 		'referer' => 'not set',
 	);
+
+	if (isset($session)) {
+		$data['trackId'] = $session->getTrackId();
+	}
 }

 foreach ($data as $k => $v) {