[dev] Authentication none and CAS

Alfonso Marín Marín almarin at um.es
Tue Dec 18 12:48:58 UTC 2012


El 18/12/12 12:15, Jan Schneider escribió:
>
> Zitat von Alfonso Marín Marín <almarin at um.es>:
>
>> El 17/12/12 14:54, Jan Schneider escribió:
>>>
>>> Zitat von Alfonso Marín Marín <almarin at um.es>:
>>>
>>>> Hi:
>>>>
>>>> We are trying to adapt the CAS driver ESUP 
>>>> (http://www.esup-portail.org/display/PROJHORDE/Horde-esup) to 
>>>> authenticate Horde 5 with CAS. This driver has the capability to 
>>>> transparently authenticate and implements transparent() function, 
>>>> which is responsible for redirecting the CAS website if no horde 
>>>> session exists.
>>>>
>>>> The problem we have is that this function is always called, even 
>>>> from those scripts that are configured with the argument 
>>>> 'authentication' => 'none', and the driver always redirects to 
>>>> horde even for those not authenticated scripts. I think there is no 
>>>> way of knowing this situation from inside the function or the 
>>>> driver initialization, because that argument is protected in 
>>>> Horde_Registry.
>>>>
>>>> Perhaps there is some way to detect this situation, any idea?. An 
>>>> easy solution would be to incorporate a function as Horde_Registry 
>>>> :: getArgs () to access the registry configuration arguments.
>>>
>>> You must not redirect the browser from inside of the authentication 
>>> driver.
>> Ok, understood, but I think redirection is a basic mechanism used by 
>> many web SSO for establishing sessions transparently to the user, so 
>> I think Horde should consider that possibility.
>
> Horde has a configuration for that since at least a decade.
Sorry Jan, I'm starting with Horde 5, and redirecting from the driver 
worked without problem in Horde 3, so we did not need to explore other 
possibilities.
I guess the configuration you mention is to use alternate_login, right?

-- 
Alfonso Marín Marín
Sección de Telemática - ATICA
Universidad de Murcia
http://www.um.es/atica
Tlf: 868 88 91 50



More information about the dev mailing list