Scott Battaglia a écrit : > On Sun, Jun 29, 2008 at 5:22 AM, Pascal Aubry > <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> > wrote: > > Scott Battaglia a écrit : >> CAS3 supports the url parameter for passing the value to the >> logout page for displaying "Click here to go back to your >> application." >> >> I can't speak for what CAS1 or CAS2 did. I don't believe there >> was an official way to do this sort of redirect, though I believe >> Yale had implemented a way unofficially. > I also believe that there was no official way to do it. Speaking > of what I know, the *service *parameter was used in the packages > esup-cas-server and esup-cas-quick-start (cas v2) to pass the > logout url to the cas server, i.e. the url the cas server should > redirect the user to after logout. The feature had been proposed > to the cas developers (Drew Mazurek was managing cas at this time > if I remember well) but never added, so class > edu.yale.its.tp.cas.servlet.Logout had been patched and the logout > feature added to 'our' cas distribution. > Now that cas v3 supports sign out, I think that one parameter only > should be used, but which one? Julien (thanks to him) had a look > at the cas sources and here is below what he saw. Scott, feel free > to correct us if we are wrong. > > The way the user is redirected after logout depends on the > parameter p:followServiceRedirects of the logout controller (cf > WEB-INF/cas-servlet.xml): > > * if true, cas uses parameter *service *(cf > > https://www.ja-sig.org/svn/cas3/trunk/cas-server-core/src/main/java/org/jasig/cas/web/LogoutController.java) > to redirect the user automatically > * if false (by default), cas uses parameter *url *to present a > link after logout (cf > > https://www.ja-sig.org/svn/cas3/trunk/cas-server-webapp/src/main/webapp/WEB-INF/view/jsp/default/ui/casLogoutView.jsp). > > According to > http://www.ja-sig.org/products/cas/overview/protocol/index.html > section 2.3.1, the *url *should be used only. > > > The specification states that the url parameter tells CAS what to > display on the logout page, so the CAS v3 is doing the correct behavior. > > > > I think that what we should do is: > > * make LogoutController.java use *url *instead of *service* > > The behavior of the LogoutController won't change. Its correct. url > is displayed and service redirects (if its turned on). Ok. Since phpCAS does not know how the cas server behaves (redirects or shows a link), it has to pass both url and service parameters. Can you confirm this? > > * > > > * make phpCAS use *url *to comply to the specs, and also use > *service *until release 1.1 > > Using url won't redirect you. Only service will. That's not going to > change. Understood. The service parameter has to be passed as well and will not be removed. > > * Let local adapters (such as Adam with his *destination > *parameter) patch phpCAS locally to also pass their > parameter at logout > No change here. Just one last question: why does cas need two parameters? I feel that the service parameter could be used instead of the url parameter everywhere, and that the url parameter is not really needed. Am I wrong? Are there any scenario where the two parameters could have different values? PA > > * Strongly invite phpCAS users to switch to the official cas > v3 asap. > > btw, http://developer.ja-sig.org/source/ does not respond this > morning. > > Yes, we're working on doing some testing of FishEye with Atlassian > and they want us to test it without the HTTP connector (which means > you guys can't see it). You can still do https://www.ja-sig.org/svn > I'm not sure unfortunately when we'll have it available to the public > again . You're the first one to notice (or at least say anything ;-)). > > -Scott > > > > PA > >> -Scott >> >> -Scott Battaglia >> PGP Public Key Id: 0x383733AA >> LinkedIn: http://www.linkedin.com/in/scottbattaglia >> >> On Sun, Jun 29, 2008 at 12:10 AM, Adam Moore >> <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> wrote: >> >> So would I be correct in saying: >> >> CAS 1: ?url= >> CAS 2: ?destination= >> CAS 3: ?service= >> >> Scott Battaglia wrote: >>> CAS 3 will follow the service url for redirecting back if >>> its enabled on the LogoutController. If the other parameters >>> are there it will probably ignore them. >>> >>> -Scott >>> >>> -Scott Battaglia >>> PGP Public Key Id: 0x383733AA >>> LinkedIn: http://www.linkedin.com/in/scottbattaglia >>> >>> On Thu, Jun 26, 2008 at 3:57 PM, Pascal Aubry >>> <[EMAIL PROTECTED] >>> <mailto:[EMAIL PROTECTED]>> wrote: >>> >>> Adam Moore a écrit : >>> > I see in the logout method it is using ?service= for >>> logout url. >>> > Currently within another project I am working on >>> people have different >>> > parameters for the logout url. For me ?destination= >>> is what works. >>> > For others ?url= is what works and sometimes ?service= >>> works. Looking >>> > at the documentation for cas, it seems cas 1.0 uses >>> ?url=. The way we >>> > handled it in this project is to specify all three on >>> the logout url >>> > and the server can decide which one to use. >>> > >>> > So line 930 in the client.php file could look like this. >>> > >>> > $url = '?service=' . $url . '&destination=' . $url . >>> '&service=' . $url; >>> > >>> > Thoughts? >>> > >>> > Adam >>> Hi Adam, >>> I feel that passing the three parameters is the quick >>> and dirty way to >>> make it work. I did it for 1.0.0RC2, please test. >>> However, I think that one parameter should be enough. >>> What do CAS >>> developers think about it? >>> PA >>> >>> -- >>> http://perso.univ-rennes1.fr/pascal.aubry >>> >>> _______________________________________________ >>> Yale CAS mailing list >>> [email protected] <mailto:[email protected]> >>> http://tp.its.yale.edu/mailman/listinfo/cas >>> >>> >>> >>> ------------------------------------------------------------------------ >>> _______________________________________________ Yale CAS >>> mailing list [email protected] >>> <mailto:[email protected]> >>> http://tp.its.yale.edu/mailman/listinfo/cas >> >> _______________________________________________ >> Yale CAS mailing list >> [email protected] <mailto:[email protected]> >> http://tp.its.yale.edu/mailman/listinfo/cas >> >> >> ------------------------------------------------------------------------ >> _______________________________________________ Yale CAS mailing >> list [email protected] <mailto:[email protected]> >> http://tp.its.yale.edu/mailman/listinfo/cas > > > -- > http://perso.univ-rennes1.fr/pascal.aubry > > > _______________________________________________ > Yale CAS mailing list > [email protected] <mailto:[email protected]> > http://tp.its.yale.edu/mailman/listinfo/cas > > > ------------------------------------------------------------------------ > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas >
-- http://perso.univ-rennes1.fr/pascal.aubry _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
