[dev] Authentication none and CAS

Alfonso Marín Marín almarin at um.es
Tue Dec 18 16:48:35 UTC 2012


El 18/12/12 14:49, Xavier Montagutelli escribió:
> Le Tuesday 18 December 2012 11:56:34, Alfonso Marín Marín a écrit :
>> El 17/12/12 16:59, Xavier Montagutelli escribió:
>>> Le 17/12/2012 14:54, Jan Schneider a écrit :
>>>> Zitat von Alfonso Marín Marín <almarin at um.es>:
>>>>> Hi:
>>>>>
>>>>> We are trying to adapt the CAS driver ESUP
>>>>> (http://www.esup-portail.org/display/PROJHORDE/Horde-esup) to
>>>>> authenticate Horde 5 with CAS.
>>> Did you start with this version ?
>>>
>>> http://subversion.cru.fr/esup-horde/trunk
>> Yes, those folks have done a good work.
> If you improve the driver, could you let me know ? I think I still have access
> to the repository. I don't have many interest now in Horde, but it can save
> time for other people.
Of course, I'll try to make it work with Horde 5 and I'll let you know.

>
>>>>> This driver has the capability to
>>>>> transparently authenticate and implements transparent() function,
>>>>> which is responsible for redirecting the CAS website if no horde
>>>>> session exists.
>>>>>
>>>>> The problem we have is that this function is always called, even from
>>>>> those scripts that are configured with the argument 'authentication'
>>>>> => 'none', and the driver always redirects to horde even for those not
>>>>> authenticated scripts. I think there is no way of knowing this
>>>>> situation from inside the function or the driver initialization,
>>>>> because that argument is protected in Horde_Registry.
>>>>>
>>>>> Perhaps there is some way to detect this situation, any idea?. An easy
>>>>> solution would be to incorporate a function as Horde_Registry ::
>>>>> getArgs () to access the registry configuration arguments.
>>>> You must not redirect the browser from inside of the authentication
>>>> driver.



More information about the dev mailing list