[dev] Authentication none and CAS
Xavier Montagutelli
xavier.montagutelli at unilim.fr
Mon Dec 17 15:59:49 UTC 2012
Le 17/12/2012 14:54, Jan Schneider a écrit :
>
> Zitat von Alfonso Marín Marín <almarin at um.es>:
>
>> Hi:
>>
>> We are trying to adapt the CAS driver ESUP
>> (http://www.esup-portail.org/display/PROJHORDE/Horde-esup) to
>> authenticate Horde 5 with CAS.
Did you start with this version ?
http://subversion.cru.fr/esup-horde/trunk
>> This driver has the capability to
>> transparently authenticate and implements transparent() function,
>> which is responsible for redirecting the CAS website if no horde
>> session exists.
>>
>> The problem we have is that this function is always called, even from
>> those scripts that are configured with the argument 'authentication'
>> => 'none', and the driver always redirects to horde even for those not
>> authenticated scripts. I think there is no way of knowing this
>> situation from inside the function or the driver initialization,
>> because that argument is protected in Horde_Registry.
>>
>> Perhaps there is some way to detect this situation, any idea?. An easy
>> solution would be to incorporate a function as Horde_Registry ::
>> getArgs () to access the registry configuration arguments.
>
> You must not redirect the browser from inside of the authentication driver.
--
Xavier Montagutelli Tél +33 (0)5 55 45 77 20
Direction des Systèmes d'Information Fax +33 (0)5 55 45 75 95
Universite de Limoges
123, avenue Albert Thomas
87060 Limoges cedex
More information about the dev
mailing list