]> WPIA git - gigi.git/blobdiff - src/org/cacert/gigi/api/GigiAPI.java
projects / gigi.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fix: verify there is a user using the API
[gigi.git] / src / org / cacert / gigi / api / GigiAPI.java
diff --git a/src/org/cacert/gigi/api/GigiAPI.java b/src/org/cacert/gigi/api/GigiAPI.java
index a5acbe5605012fc08e3ef0b5cffc3b8228201b30..d511d315801180e2c871c50b259e3ff1c5359d7d 100644 (file)
--- a/src/org/cacert/gigi/api/GigiAPI.java
+++ b/src/org/cacert/gigi/api/GigiAPI.java
@@ -50,6 +50,10 @@ public class GigiAPI extends HttpServlet {
         }
         String serial = LoginPage.extractSerialFormCert(cert);
         User u = LoginPage.fetchUserBySerial(serial);
+        if (u == null) {
+            resp.sendError(403, "Error, cert authing required.");
+            return;
+        }
 
         if (pi.equals("/account/certs/new")) {
 
WPIA Certificate Web Issuance Platform