The mailing list for listmasters using Sympa

[Maja Wolniewicz <address@concealed>]

David Verdin pisze:
> Hi Maja,
>
> Sorry for the late reply.
..
> > > > The second problem - CAS logout didn't work.
> > > > It seems that here the CGI::Cookie package is the culprit.
> > > > The cookie cas_server is set in the subroutine set_cas_server from 
> > > > cookielib.pm
> > > >   my $cookie = new CGI::Cookie (-name    => 'cas_server',
> > > >                                 -value   => $value,
> > > >                                  -domain  => $domain,
> > > >                                  -expires => $expires,
> > > >                                  -path    => '/'
> > > >                                  );
> > > >
> > > >    ## Send cookie to the client
> > > >    printf "Set-Cookie:  %s\n", $cookie->as_string;
> > > > When auth.conf has only one CAS authentication definition, $value is 0
> > > > The result is the cookie with empty value (value zero converted to "").
> > > > During logout in the do_logout subroutine the cookie cas_served is 
> > > > checked:
> > > > my $cas_id = &cookielib::get_cas_server($ENV{'HTTP_COOKIE'});
> > > > and the value "" instead of 0 causes the problem.
> > > > I've modified set_cas_server and get_cas_server subroutines. In 
> > > > set_cas_server I've added
> > > > $value++;
> > > > before calling new CGI::Cookie.
> > > > In get_cas_server I have now
> > > >   my $http_cookie = shift;
> > > >    #return &generic_get_cookie($http_cookie, 'cas_server');
> > > >    my $value = &generic_get_cookie($http_cookie, 'cas_server');
> > > >    $value--;
> > > >    return $value;
> > > >
> > > > and CAS logout works.
> > > Didn't the patch we provided fix this problem?
> > No, I have had the same problem with CAS logout in 5.4.2, but after 
> > upgrading CGI::Cookie to v. 3.35 cas_server cookie is set to 0 and CAS 
> > logout works.
> OK, so if I increase the Sympa requirements to the version 3.35 of the 
> CGI module, it should fix your problem without any change in the code?
Yes.
...
> > My CAS SSOut changes, which I've sent you yesterday work in version 
> > 5.4.2.
> Good.
> A remark from one of my colleagues:
> "I don't see which event triggers the logout from the CAS server's 
> initiative".
During CAS logout CAS server sends POST request to the Sympa URL for 
which service ticket was given - lines
if ($in{'logoutRequest'}=~/(S|P)T\-/) { # the request contain a CAS 
named ticket that use CAS ticket format
      &SympaSession::delete_cassession($in{'logoutRequest'});
      exit(0);
}

Maja


--
Maja Gorecka-Wolniewicz          address@concealed
             http://www.umk.pl/~mgw
             PGP key: http://www.umk.pl/~mgw/pgp_pub_key.asc
Uczelniane Centrum               Information & Communication
Informatyczne                    Technology Centre
Uniwersytet Mikolaja Kopernika   Nicolaus Copernicus University
Coll. Maximum, pl. Rapackiego 1, 87-100 Torun, Poland
tel.: +48 56-611-27-40 fax: +48 56-622-18-50 tel. kom.: +48-693032574

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature