[Pkg-cas-maintainers] Mod_auth_cas 1.0.8 and final redirection

Olivier Berger olivier.berger at it-sudparis.eu
Thu Nov 13 09:04:15 UTC 2008 

Hi.

FYI, I've committed an additional patch to the package in order to
address that redirection problem.

I also subscribed to that RSS feed :
http://developer.ja-sig.org/source/changelog/~rss/jasigsvn/cas-clients/mod_auth_cas/rss.xml in order to try and watch such commits made by upstream.

Haven't had time to test yet, btw.

Hope this helps.

Best regards,

Le mercredi 12 novembre 2008 à 14:49 -0500, Phil Ames a écrit :
> Hi,
> This was my bad.  I believe it has been fixed in trunk (as well as an
> automake error).  

SNIP

On Wed, Nov 12, 2008 at 2:37 PM, Brian Donnelly <bdonnelly at ucdavis.edu>
wrote:
> > Hello,
> >
> > We recently attempted to upgrade our Shilbboleth Identity provider from
> > mod_auth_cas 1.0.7 to 1.0.8 and encountered some unexpected problems.  Urls
> > passing through mod_auth_cas to the Shibboleth IDP would end up with
> > double-url encoded query parameters, resulting in invalid urls.
> >
> > I have looked through the 1.0.8 code and traced the issue back to the new
> > final redirection which strips the ticket parameter from the url.  This
> > redirection performs a url-encoding of the query string of the url.  This
> > url-encoding ultimately redirects the user to a url that is not exactly the
> > same as the originating url.  The Shibboleth IDP makes heavy use of urls in
> > the query string which become garbled when url-encoded.
> >
> > Is this url-encoding of the query string on the final redirect intended
> > behavior?
> >
> > If not I would like to submit the attached mod_auth_cas.c file as a patch
> > for the issue.
> >
> > Regards,
> >
> > Brian Donnelly
> > --
> > University of California, Davis
> > Information and Educational Technology
> > Application Development - Infrastructure Team
> > 3820 Chiles Rd. Davis, CA 95616
> > (530) 754-5909
> >
-- 
Olivier BERGER <olivier.berger at it-sudparis.eu>
http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 1024D/6B829EEC
Ingénieur Recherche - Dept INF
Institut TELECOM, SudParis (http://www.it-sudparis.eu/), Evry (France)

More information about the Pkg-cas-maintainers mailing list