siacali commented on a change in pull request #455: GUACAMOLE-361: CAS global
logout
URL: https://github.com/apache/guacamole-client/pull/455#discussion_r355072811
##########
File path:
extensions/guacamole-auth-cas/src/main/java/org/apache/guacamole/auth/cas/ticket/TicketValidationService.java
##########
@@ -134,7 +140,13 @@
}
catch (TicketValidationException e) {
- throw new GuacamoleException("Ticket validation failed.", e);
+ throw new GuacamoleInvalidCredentialsException("Ticket validation
failed.",
+ new CredentialsInfo(Arrays.asList(new Field[] {
+ // Will automatically redirect the user
+ // to the CAS logout page
+ new CASLogoutField(confService.getLogoutURI())
+
+ })));
Review comment:
Yeah...this is one part that I am very uncomfortable with...I agree with
your statement ("we *should*...") but this gets called (and crashes the module
or results in loops between CAS and Guacamole without my changes) long before
the AuthenticatedUser.shutdown() actually gets called.
This is pretty much a hack in lieu of resolving other issues...
The state that occurs when this exception is triggered is that...the system
believes (probably incorrectly) that it has an invalid ticket (but CAS seems
to think the user is still logged in) and the user is still logged into
Guacamole.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
