node = nodes[0]
if 'node' not in method.roles:
- raise PLCAuthenticationFailure, "SessionAuth: Not allowed to call method %s, missing 'node' role"%method.name
+ # using PermissionDenied rather than AuthenticationFailure here because
+ # if that fails we don't want to delete the session..
+ raise PLCPermissionDenied, "SessionAuth: Not allowed to call method %s, missing 'node' role"%method.name
method.caller = node
if node['key']:
key = node['key']
else:
- write_debug_line("BootAuth.check: could not get key")
raise PLCAuthenticationFailure, "BootAuth: No node key"
# Yes, this is the "canonicalization" method used.