Hi Marvin,
I gave a look at the phpCAS examples and it's funny.
The phpCAS methods have no explicit call of any of the certificate
dealing functions.
So I just added a
phpCAS::setNoCasServerValidation();
immediately before of the call to:
if (phpCAS::checkAuthentication()) {
$frm->username=phpCAS::getUser();
// if (phpCAS::getUser()=='esup9992')
// $frm->username='erhar0062';
$frm->password="passwdCas";
return;
}
What happens is:
- withouth the call to setNoCasServerValidation(), I get the error
phpCAS error: phpCAS::checkAuthentication(): one of the methods
phpCAS::setCasServerCert(), phpCAS::setCasServerCACert() or
phpCAS::setNoCasServerValidation() must be called. in
/www/moodle/auth/cas/auth.php on line 111
- with the call, the browser seems to take the eternity to check it and
either stays in "waiting for
https://moodle.myserver.../devmoodle/login/index.php" or - after over
4-5 minutes - "CAS Authentication failed" (despite seeing from the logs that
2009-10-20 10:14:57,978 INFO
[org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service
ticket [ST-3-MzeLUrYcohZvMaBLBbny-cas] for service
[https://moodle.myserver.../devmoodle/login/index.php] for user [user]>
2009-10-20 10:15:08,169 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - <Reloading
registered services.>
2009-10-20 10:15:08,169 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - <Loaded 0 services.>
I start being really puzzled -_-
Giuseppe
Marvin Addison wrote:
Or is it maybe a configuration issue? Do I have to activate the certificate
check somewhere?
Yes. Hopefully someone with Moodle experience can chime in here -- I
didn't even realize Moodle used phpCAS. Once you find the right place
in Moodle to configure the phpCAS client,
http://www.ja-sig.org/wiki/display/CASC/phpCAS+examples give examples
of both disabling the cert check (not recommended) and enabling an
explicity trust check.
M
--
Giuseppe Sollazzo
Systems Developer / Administrator
Computing Services
St. George's, University of London
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user