-
Notifications
You must be signed in to change notification settings - Fork 145
Allow user-customisable page on permission denied instead of packaged... #48
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
Thanks @mhindery, I generally like the idea of just raising the PermissionDenied exception and letting the rest be hooked up in a standard way. Yes, there may be a case when somebody wants to use custom, SAML-specific permission denied page that is different from the one configured globally per project, but this is still possible with some customization and I'm inclined to say that providing these templates is a bit outside of scope of djangosaml2 library, which should be focused on handling SAML authentication and integrating it into Django projects in the most standard way possible.
But, since I already accepted PR#39 by @ws0w that brought this change (piggy-backed on other, more important changes), I'm inviting him to discuss this first and hear his opinion.
I agree that raising the PermissiondDenied exception is better. I'm not sure how that will affect my use of djangosaml2, but I can adjust.
@ws0w you can wrap the original assertion_consumer_service function in your custom ACS that catches PermissionDenied and renders a custom SSO-specific error page.
(Don't forget to wire your custom ACS function to urls.py then)
... template