[dev] Authentication none and CAS
Jan Schneider
jan at horde.org
Tue Dec 18 11:15:09 UTC 2012
Zitat von Alfonso Marín Marín <almarin at um.es>:
> El 17/12/12 14:54, Jan Schneider escribió:
>>
>> Zitat von Alfonso Marín Marín <almarin at um.es>:
>>
>>> Hi:
>>>
>>> We are trying to adapt the CAS driver ESUP
>>> (http://www.esup-portail.org/display/PROJHORDE/Horde-esup) to
>>> authenticate Horde 5 with CAS. This driver has the capability to
>>> transparently authenticate and implements transparent() function,
>>> which is responsible for redirecting the CAS website if no horde
>>> session exists.
>>>
>>> The problem we have is that this function is always called, even
>>> from those scripts that are configured with the argument
>>> 'authentication' => 'none', and the driver always redirects to
>>> horde even for those not authenticated scripts. I think there is
>>> no way of knowing this situation from inside the function or the
>>> driver initialization, because that argument is protected in
>>> Horde_Registry.
>>>
>>> Perhaps there is some way to detect this situation, any idea?. An
>>> easy solution would be to incorporate a function as Horde_Registry
>>> :: getArgs () to access the registry configuration arguments.
>>
>> You must not redirect the browser from inside of the authentication driver.
> Ok, understood, but I think redirection is a basic mechanism used by
> many web SSO for establishing sessions transparently to the user, so
> I think Horde should consider that possibility.
Horde has a configuration for that since at least a decade.
--
Jan Schneider
The Horde Project
http://www.horde.org/
More information about the dev
mailing list