The mailing list for listmasters using Sympa

[David Verdin <address@concealed>]

The 5.4.2 should be out today.
I will have a look to what you did for the logout and include a recent 
submission, and then go!

I also forgot to add a link to the aforementioned perl module: 
http://search.cpan.org/~osalaun/AuthCAS-1.3.1/

Regards,

Maja Wolniewicz a écrit :
> I will install sympa-5.4.2 when it comes and then I will check these 
> issues.
> I will provide my CAS SSOut modifications for version 5.4.2
>
> Maja
>
> David Verdin pisze:
> > Hi, Maja
> >
> > Maja Wolniewicz a écrit :
> > > I have had two problems in Sympa 5.4.1 configured with CAS-based 
> > > authentication.
> > > The first was: after successful login some operations - actually 
> > > POST operations - fail.
> > > According to the log, each operation causes a CAS redirect.
> > > I've compared Sympa with CAS and Sympa with standard authentication and
> > > found out that after successful login the field email_session in the 
> > > table session_table is set to nobody while using CAS.
> > > After adding in wwsympa.fcg, line 913
> > > $session->{'email'} = $param->{'user'}{'email'};
> > > CAS login and POST operations work without any problem.
> > > Is it a bug?
> > Is was. As Serge wrote, it is now fixed.
> > > The second problem - CAS logout didn't work.
> > > It seems that here the CGI::Cookie package is the culprit.
> > > The cookie cas_server is set in the subroutine set_cas_server from 
> > > cookielib.pm
> > >   my $cookie = new CGI::Cookie (-name    => 'cas_server',
> > >                                 -value   => $value,
> > >                                  -domain  => $domain,
> > >                                  -expires => $expires,
> > >                                  -path    => '/'
> > >                                  );
> > >
> > >    ## Send cookie to the client
> > >    printf "Set-Cookie:  %s\n", $cookie->as_string;
> > > When auth.conf has only one CAS authentication definition, $value is 0
> > > The result is the cookie with empty value (value zero converted to "").
> > > During logout in the do_logout subroutine the cookie cas_served is 
> > > checked:
> > > my $cas_id = &cookielib::get_cas_server($ENV{'HTTP_COOKIE'});
> > > and the value "" instead of 0 causes the problem.
> > > I've modified set_cas_server and get_cas_server subroutines. In 
> > > set_cas_server I've added
> > > $value++;
> > > before calling new CGI::Cookie.
> > > In get_cas_server I have now
> > >   my $http_cookie = shift;
> > >    #return &generic_get_cookie($http_cookie, 'cas_server');
> > >    my $value = &generic_get_cookie($http_cookie, 'cas_server');
> > >    $value--;
> > >    return $value;
> > >
> > > and CAS logout works.
> > Didn't the patch we provided fix this problem?
> > We had the same problem - with only one CAS server, too - and we can 
> > now log out normally.
> > > By the way, I've implemented CAS Single Sign Out in our sympa, which 
> > > can be used with CAS v. 3.1.x. Anyone interested in my modifications?
> > Sure we are!
> > For now, we only implemented CAS v2. We originally produced a perl 
> > module implementing CAS. We finally diverged from it but are willing 
> > to reintroduce its usage.
> > So if you submit your work, we would modify this module according to 
> > it, and restart using it in Sympa.
> > If it is OK with you, we would be happy to include your work in Sympa.
> >
> > Cheers,
> > > Greetings
> > > Maja

--
David Verdin
Comité réseau des universités