The mailing list for listmasters using Sympa

["Paul Grzesina" <address@concealed>]

I mentioned this problem off list, but now that I have a solution I'll post 
it here and hope the change gets incorporated in the next release.

Briefly, when CAS was enabled, if you weren't already authenticated against 
CAS, the browser would go into a redirect loop when you went to Sympa. If you 
were authenticated, Sympa would not get the user information. Below are 
patches to wwsympa.fcgi and Conf.pm that fixed the issue for me:

--- wwsympa.fcgi        2015-03-23 15:26:52.000000000 -0600
+++ /home/sympa/bin/wwsympa.fcgi        2015-03-31 09:51:07.000000000 -0600
@@ -1471,11 +1471,11 @@
                     ## don't have more then 10 CAS servers (because we don't
                     ## properly split the list of values)
                     $log->syslog('debug',
-                        "check_cas checker_cas : $session->{'checked_cas'} 
current cas_id 
$Conf::Conf{'cas_id'}{$robot}{$auth_service->{'auth_service_name'}}"
+                        "check_cas checker_cas : $session->{'checked_cas'} 
current cas_id 
$Conf::Conf{'cas_id'}{$robot}{$auth_service->{'auth_service_name'}}{'casnum'}"
                     );
                     next
                         if ($session->{'checked_cas'} =~
-                        
/$Conf::Conf{'cas_id'}{$robot}{$auth_service->{'auth_service_name'}}/
+                        
/$Conf::Conf{'cas_id'}{$robot}{$auth_service->{'auth_service_name'}}{'casnum'}/
                         );

                     # before redirect update the list of already checked cas
@@ -1487,7 +1487,7 @@
                     ## CAS servers
                     $session->{'checked_cas'} .=
                         $Conf::Conf{'cas_id'}{$robot}
-                        {$auth_service->{'auth_service_name'}};
+                        {$auth_service->{'auth_service_name'}}{'casnum'};

                     my $redirect_url =
                         $cas_server->getServerLoginGatewayURL($return_url);
@@ -3877,7 +3877,7 @@
     ## This is a CAS service
     if (defined(
             my $cas_id =
-                $Conf::Conf{'cas_id'}{$robot}{$in{'auth_service_name'}}
+                
$Conf::Conf{'cas_id'}{$robot}{$in{'auth_service_name'}}{'casnum'}
         )
         ) {
         my $cas_server =
@@ -3891,7 +3891,7 @@

         $session->{'checked_cas'} = $cas_id;
         my $service = "$param->{'base_url'}$param->{'path_cgi'}" . $path;
-
+wwslog('info', '(cas_server %s)', $cas_id);
         my $redirect_url = $cas_server->getServerLoginURL($service);
         wwslog('info', '(%s)', $redirect_url);
         if ($redirect_url =~ /http(s)+\:\//i) {


--- Conf.pm     2015-03-13 07:09:03.000000000 -0600
+++ /home/sympa/bin/Conf.pm     2015-03-31 09:06:47.000000000 -0600
@@ -1206,6 +1206,7 @@
                     }

                     $Conf{'cas_number'}{$robot}++;
+                    
$Conf{'cas_id'}{$robot}{$current_paragraph->{'auth_service_name'}}{'casnum'} 
=  $#paragraphs+1 ;

                     ## Default value for auth_service_friendly_name IS
                     ## auth_service_name