Hi all,
During our SOGo tests at the University of Rennes 1, we added a
parameter that allows each of our SOGo servers to have its own CAS proxy
callback URL.
Explanation: our SOGo servers are all behind a frontal Apache
load-balancer. Adding a shared memcached server appeared to us as
another weakness in our architecture, so we decided that each SOGo
server would use its own memcached daemon and respond itself to its PGT
callback requests from the CAS server (we use this deployment scheme for
years with uPortal).
The new parameter is named SOGoCASProxyCallbackURL:
* If not set, the callback URL is built 'normally' (based on the
request host and path).
* If set (e.g. https://sogo3.domain.com/SOGo/casProxy), it is passed
as-is to the CAS server on ticket validation.
Changes (relative to 1.3.4) below. Who should we ask to add this patch
to the main branch?
Best,
PA
diff -Nbaur --exclude=config.make --exclude=configure --exclude='LDAPSource.*'
SOGo-1.3.4-dist/SoObjects/SOGo/SOGoCASSession.m
SOGo-1.3.4/SoObjects/SOGo/SOGoCASSession.m
--- SOGo-1.3.4-dist/SoObjects/SOGo/SOGoCASSession.m 2010-11-17
17:30:03.000000000 +0100
+++ SOGo-1.3.4/SoObjects/SOGo/SOGoCASSession.m 2010-11-26 14:21:58.000000000
+0100
@@ -365,11 +365,20 @@
WOApplication *application;
NSString *pgtURL;
WORequest *request;
+ SOGoSystemDefaults *sd;
+ NSString *CASProxyCallbackURL;
+ sd = [SOGoSystemDefaults sharedSystemDefaults];
+ CASProxyCallbackURL = [sd CASProxyCallbackURL];
+ if ([CASProxyCallbackURL length])
+ pgtURL = CASProxyCallbackURL;
+ else
+ {
application = [WOApplication application];
request = [[application context] request];
pgtURL = [NSString stringWithFormat: @"https://%@/%@/casProxy";,
[soURL host], [request applicationName]];
+ }
return pgtURL;
}
diff -Nbaur --exclude=config.make --exclude=configure --exclude='LDAPSource.*'
SOGo-1.3.4-dist/SoObjects/SOGo/SOGoSystemDefaults.h
SOGo-1.3.4/SoObjects/SOGo/SOGoSystemDefaults.h
--- SOGo-1.3.4-dist/SoObjects/SOGo/SOGoSystemDefaults.h 2010-11-17
17:30:03.000000000 +0100
+++ SOGo-1.3.4/SoObjects/SOGo/SOGoSystemDefaults.h 2010-11-26
13:53:39.000000000 +0100
@@ -67,6 +67,7 @@
- (NSString *) CASServiceURL;
- (BOOL) CASLogoutEnabled;
+- (NSString *) CASProxyCallbackURL;
- (BOOL) enablePublicAccess;
diff -Nbaur --exclude=config.make --exclude=configure --exclude='LDAPSource.*'
SOGo-1.3.4-dist/SoObjects/SOGo/SOGoSystemDefaults.m
SOGo-1.3.4/SoObjects/SOGo/SOGoSystemDefaults.m
--- SOGo-1.3.4-dist/SoObjects/SOGo/SOGoSystemDefaults.m 2010-11-17
17:30:03.000000000 +0100
+++ SOGo-1.3.4/SoObjects/SOGo/SOGoSystemDefaults.m 2010-11-26
13:53:59.000000000 +0100
@@ -311,6 +311,11 @@
return [self boolForKey: @"SOGoCASLogoutEnabled"];
}
+- (NSString *) CASProxyCallbackURL
+{
+ return [self stringForKey: @"SOGoCASProxyCallbackURL"];
+}
+
- (BOOL) enablePublicAccess
{
return [self boolForKey: @"SOGoEnablePublicAccess"];
--
[email protected]
https://inverse.ca/sogo/lists
