Am 04.08.2011 14:30, schrieb Nagasashi:
Hi there,
I'm a student and i need to use phpCAS for my project.
I have implented phpCAS in my web site to manage adiminstrative access.
I have configure it (cas auth server adress, port, and uri).
When i'm going to mywebsite/admin, i have an acces to my SSO's main page, i'm writing my username
and my password. But when i click on "log in", i'm redirect on
"[my_web_site]/admin/?ticket=?ticket_number]-[SSO_server_name]". And every half second,
the page refreshes and the [ticket_number] change.
So, any help is welcome
Please append a phpcas debug log so that we can see what phpcas is doing
on your app. I suspect you have a wrong integration of phpcas in your code.
After successfull authentication phpcas does a reload of the website to
remove the used and authenticated ticket from the url. (Prevents a
possible leak of the "secret" ticket to other website via referrer etc.)
It looks like you app fails to reload properly and tries a
reauthentication. This can happen if you don't integrate phpcas properly
in your app/session/authentication. You can disable the reload with
phpCAS::setNoClearTicketsFromUrl() which then is not as secure but
should work if your integration is not completely wrong. ;)
If you can share your code we can probably help you to integrate it
properly or please check out the examples in the wiki for. If you don't
want to share it publicly on the list you can also send the data
directly to me.
Regards,
Joachim
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
