Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Hi,
It looks like shib_auth_custom_data_validate() in file shib_auth_forms.inc does not get called at all. That would explain why no errors are thrown when custom emails are left blank, ToS are not accepted etc.
Where should the validation get called?
Thanks, J.
Comments
Comment #1
meyerrob CreditAttribution: meyerrob commentedValidation during the first login is still not working properly. The user can´t log in if the terms & conditions are not selected the user. shib_auth_custom_data_validate seems not to be called after clicking the submit button.
Comment #2
jelo CreditAttribution: jelo commentedI have the following settings enabled:
- user-defined usernames
- user-defined e-mail addresses
- Force users to accept Terms of Use
If IDP does not provide an email address and user tries to submit (ToS accepted) without adding an email, the error message reads "Email is already in use" instead of "An email address is required". The empty email belongs to UID 0. I am reasonably sure that this should have been caught before calling function shib_auth_save_authmap, but in the absence of finding where, I replaced the following:
with
If IDP provides a value and user tries to submit (ToS accepted) while just leaving the prefilled email address from IDP, the form does not submit. Instead, the page reloads without error message being displayed and ToS box gets unticked. However, if email is removed the form submits (and internally the email address from the CWL mail attribute is used for account creation).
To fix this issue I replaced
with