Skip to Content.
Sympa Menu

en - Re: [sympa-users] CAS in Sympa 6.2b9

Subject: The mailing list for listmasters using Sympa

List archive

Chronological Thread  
  • From: David Verdin <address@concealed>
  • To: address@concealed
  • Subject: Re: [sympa-users] CAS in Sympa 6.2b9
  • Date: Tue, 31 Mar 2015 18:09:56 +0200

Thanks a lot Paul,

I'll review your patch and integrate it to the next Sympa release.

Best regards,

David

Le 31/03/15 18:07, Paul Grzesina a écrit :
I mentioned this problem off list, but now that I have a solution I'll post it here and hope the change gets incorporated in the next release.

Briefly, when CAS was enabled, if you weren't already authenticated against CAS, the browser would go into a redirect loop when you went to Sympa. If you were authenticated, Sympa would not get the user information. Below are patches to wwsympa.fcgi and Conf.pm that fixed the issue for me:

--- wwsympa.fcgi        2015-03-23 15:26:52.000000000 -0600
+++ /home/sympa/bin/wwsympa.fcgi        2015-03-31 09:51:07.000000000 -0600
@@ -1471,11 +1471,11 @@
                     ## don't have more then 10 CAS servers (because we don't
                     ## properly split the list of values)
                     $log->syslog('debug',
-                        "check_cas checker_cas : $session->{'checked_cas'} current cas_id $Conf::Conf{'cas_id'}{$robot}{$auth_service->{'auth_service_name'}}"
+                        "check_cas checker_cas : $session->{'checked_cas'} current cas_id $Conf::Conf{'cas_id'}{$robot}{$auth_service->{'auth_service_name'}}{'casnum'}"
                     );
                     next
                         if ($session->{'checked_cas'} =~
-                        /$Conf::Conf{'cas_id'}{$robot}{$auth_service->{'auth_service_name'}}/
+                        /$Conf::Conf{'cas_id'}{$robot}{$auth_service->{'auth_service_name'}}{'casnum'}/
                         );

                     # before redirect update the list of already checked cas
@@ -1487,7 +1487,7 @@
                     ## CAS servers
                     $session->{'checked_cas'} .=
                         $Conf::Conf{'cas_id'}{$robot}
-                        {$auth_service->{'auth_service_name'}};
+                        {$auth_service->{'auth_service_name'}}{'casnum'};

                     my $redirect_url =
                         $cas_server->getServerLoginGatewayURL($return_url);
@@ -3877,7 +3877,7 @@
     ## This is a CAS service
     if (defined(
             my $cas_id =
-                $Conf::Conf{'cas_id'}{$robot}{$in{'auth_service_name'}}
+                $Conf::Conf{'cas_id'}{$robot}{$in{'auth_service_name'}}{'casnum'}
         )
         ) {
         my $cas_server =
@@ -3891,7 +3891,7 @@

         $session->{'checked_cas'} = $cas_id;
         my $service = "$param->{'base_url'}$param->{'path_cgi'}" . $path;
-
+wwslog('info', '(cas_server %s)', $cas_id);
         my $redirect_url = $cas_server->getServerLoginURL($service);
         wwslog('info', '(%s)', $redirect_url);
         if ($redirect_url =~ /http(s)+\:\//i) {


--- Conf.pm     2015-03-13 07:09:03.000000000 -0600
+++ /home/sympa/bin/Conf.pm     2015-03-31 09:06:47.000000000 -0600
@@ -1206,6 +1206,7 @@
                     }

                     $Conf{'cas_number'}{$robot}++;
+                    $Conf{'cas_id'}{$robot}{$current_paragraph->{'auth_service_name'}}{'casnum'} =  $#paragraphs+1 ;

                     ## Default value for auth_service_friendly_name IS
                     ## auth_service_name




--
A bug in Sympa? Quick! To the bug tracker!

 
David Verdin
Études et projets applicatifs
 
Tél : +33 2 23 23 69 71
Fax : +33 2 23 23 71 21
 
www.renater.fr
RENATER
263 Avenue du Gal Leclerc
35042 Rennes Cedex



PNG image

Attachment: smime.p7s
Description: Signature cryptographique S/MIME




Archive powered by MHonArc 2.6.19+.

Top of Page