[dev] Authentication none and CAS
Alfonso Marín Marín
almarin at um.es
Tue Dec 18 10:56:34 UTC 2012
El 17/12/12 16:59, Xavier Montagutelli escribió:
> Le 17/12/2012 14:54, Jan Schneider a écrit :
>>
>> Zitat von Alfonso Marín Marín <almarin at um.es>:
>>
>>> Hi:
>>>
>>> We are trying to adapt the CAS driver ESUP
>>> (http://www.esup-portail.org/display/PROJHORDE/Horde-esup) to
>>> authenticate Horde 5 with CAS.
>
>
> Did you start with this version ?
>
> http://subversion.cru.fr/esup-horde/trunk
Yes, those folks have done a good work.
>
>>> This driver has the capability to
>>> transparently authenticate and implements transparent() function,
>>> which is responsible for redirecting the CAS website if no horde
>>> session exists.
>>>
>>> The problem we have is that this function is always called, even from
>>> those scripts that are configured with the argument 'authentication'
>>> => 'none', and the driver always redirects to horde even for those not
>>> authenticated scripts. I think there is no way of knowing this
>>> situation from inside the function or the driver initialization,
>>> because that argument is protected in Horde_Registry.
>>>
>>> Perhaps there is some way to detect this situation, any idea?. An easy
>>> solution would be to incorporate a function as Horde_Registry ::
>>> getArgs () to access the registry configuration arguments.
>>
>> You must not redirect the browser from inside of the authentication
>> driver.
>
>
--
Alfonso Marín Marín
Sección de Telemática - ATICA
Universidad de Murcia
http://www.um.es/atica
Tlf: 868 88 91 50
More information about the dev
mailing list