[dev] Authentication none and CAS
Alfonso Marín Marín
almarin at um.es
Tue Dec 18 10:53:35 UTC 2012
El 17/12/12 14:54, Jan Schneider escribió:
>
> Zitat von Alfonso Marín Marín <almarin at um.es>:
>
>> Hi:
>>
>> We are trying to adapt the CAS driver ESUP
>> (http://www.esup-portail.org/display/PROJHORDE/Horde-esup) to
>> authenticate Horde 5 with CAS. This driver has the capability to
>> transparently authenticate and implements transparent() function,
>> which is responsible for redirecting the CAS website if no horde
>> session exists.
>>
>> The problem we have is that this function is always called, even from
>> those scripts that are configured with the argument 'authentication'
>> => 'none', and the driver always redirects to horde even for those
>> not authenticated scripts. I think there is no way of knowing this
>> situation from inside the function or the driver initialization,
>> because that argument is protected in Horde_Registry.
>>
>> Perhaps there is some way to detect this situation, any idea?. An
>> easy solution would be to incorporate a function as Horde_Registry ::
>> getArgs () to access the registry configuration arguments.
>
> You must not redirect the browser from inside of the authentication
> driver.
Ok, understood, but I think redirection is a basic mechanism used by
many web SSO for establishing sessions transparently to the user, so I
think Horde should consider that possibility.
--
Alfonso Marín Marín
Sección de Telemática - ATICA
Universidad de Murcia
http://www.um.es/atica
Tlf: 868 88 91 50
More information about the dev
mailing list