projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
16212: Add pam_ldap test.
[arvados.git] / lib / controller / localdb / login_pam.go
diff --git a/lib/controller/localdb/login_pam.go b/lib/controller/localdb/login_pam.go
index 1b1a05377aa4e4f864efb5ea0a875bf77ae19948..7955aef1187309576988661f55dc33633d20517b 100644 (file)
--- a/lib/controller/localdb/login_pam.go
+++ b/lib/controller/localdb/login_pam.go
@@ -66,7 +66,10 @@ func (ctrl *pamLoginController) Login(ctx context.Context, opts arvados.LoginOpt
        ctxlog.FromContext(ctx).WithFields(logrus.Fields{"user": user, "email": email}).Debug("pam authentication succeeded")
        ctxRoot := auth.NewContext(ctx, &auth.Credentials{Tokens: []string{ctrl.Cluster.SystemRootToken}})
        resp, err := ctrl.RailsProxy.UserSessionCreate(ctxRoot, rpc.UserSessionCreateOptions{
-               ReturnTo: opts.Remote + "," + opts.ReturnTo,
+               // Send a fake ReturnTo value instead of the caller's
+               // opts.ReturnTo. We won't follow the resulting
+               // redirect target anyway.
+               ReturnTo: opts.Remote + ",https://none.invalid",
                AuthInfo: rpc.UserSessionAuthInfo{
                        Username: user,
                        Email:    email,