Developers of Sympa

[Olivier Salaün - CRU <address@concealed>]

The way we manage so-called "referer" during authentication is far from 
perfect.
It works quite well for Sympa native authentication but I don't think it 
works while using Single Sign-On systems.
The reason for behind that is that we use hidden form variables to carry 
the operation that was initially requested. This "referer" is well 
carried though Sympa native authentication methods but it's more tricky 
external SSO systems.

We're currently working on refactoring Sympa session management ; it 
will be a good opportunity to carry referer information along with the 
user session...

John-Paul Robinson wrote:
> Thanks Olivier.  That's likely to do it.  It looks as if when the URL:
>
>  http://myhost/sympa/admin/listname
>
> is entered and I'm not authenticated it prompts for authentication.
> Will the user get returned to this URL after authentication is completed
> when Shib (or other redirecting technology) is used?
>
> Olivier Salaün - CRU wrote:
>   
> > You mean providing the login banner if an authorization error is raised
> > on the web interface ?
> >
> > Sympa 5.1 and later versions have a different web layout that carries an
> > authentication area that either provides the login banner or the user
> > identity and profile. Check our web site http://listes.cru.fr/sympa/
> >
> > John-Paul Robinson wrote:
> >     
> > > I was wondering if there was a configuration way to trigger login to
> > > havppen automatically if an authorization denied message would
> > > otherwise be returned?  I'm still working with 5.0.
> > >