CAS2 authentication plugin does not test service availability
-------------------------------------------------------------
Key: NXP-5188
URL: https://jira.nuxeo.org/browse/NXP-5188
Project: Nuxeo Enterprise Platform
Issue Type: Improvement
Components: Security
Affects Versions: 5.3.2
Environment: Debian / nuxeo dm 5.3.1 + JBoss / PostgreSQL 8.4
Reporter: Gael Nieutin
Priority: Major
Hi,
The cas2 plugin does not test if the cas serveur is available. So if for any
reason the cas server is down, there is no test and the add-on redirect to the
downed cas server ----> the browser tell me it cannot establish connection, and
that's it. I can't access to my nuxeo server.
Here is my authentication chain :
<authenticationChain>
<plugins>
<plugin>BASIC_AUTH</plugin>
<plugin>CAS2_AUTH</plugin>
<plugin>PORTAL_AUTH</plugin>
<plugin>FORM_AUTH</plugin>
</plugins>
</authenticationChain>
I have downloaded the plugin sources and add a patch that makes it works as it
should be (you will find the diff attached). I am sure the way I did it is not
the cleanest, but it works in my case. It try to create a socket connection to
the cas server, if not, just return false so the NuxeoAuthenticationFilter (in
its handlePrompt() method) know that this authentication is not possible and
ask the next plugin in the chain to do the work.
Can you tell me if there was an existing way for that? Do you think you will
integrated this feature in next release of that add-on ?
P.S: see http://www.nuxeo.org/discussions/thread.jspa?threadID=3728 where I
asked for information about that.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.nuxeo.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
ECM-tickets mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm-tickets
