Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-22469

CAS module : parameter authCAS=NOCAS not properly handled

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.9, 1.9.13, 2.3.2, 2.7
    • Fix Version/s: 2.6.5, 2.7.2
    • Component/s: Authentication
    • Labels:
    • Environment:
      CAS authentication
    • Testing Instructions:
      Hide

      Prerequisites:

      • You need to have CAS server (SSO) authentication method enabled with the setting "Multi-authentication" set to "yes"
      • You need two account. One using CAS authentication method, one using manual authentication method.

      To reproduce:

      • Go to login/index.php. You should see the double auth method page.
      • Connect with the CAS auth method using the CAS user.
      • Disconnect yourself
      • Go to login/index.php You should see the double authentication page proposing you to choose your authentication method.
      • Go to login/index.php?authCAS=NOCAS You should see the normal authentication page.
      • Connect with this the manual user. All should be ok.
      • Disconnect yourself
      • Go to login/index.php?authCAS=CAS You should be reconnected with your CAS user
      Show
      Prerequisites: You need to have CAS server (SSO) authentication method enabled with the setting "Multi-authentication" set to "yes" You need two account. One using CAS authentication method, one using manual authentication method. To reproduce: Go to login/index.php. You should see the double auth method page. Connect with the CAS auth method using the CAS user. Disconnect yourself Go to login/index.php You should see the double authentication page proposing you to choose your authentication method. Go to login/index.php?authCAS=NOCAS You should see the normal authentication page. Connect with this the manual user. All should be ok. Disconnect yourself Go to login/index.php?authCAS=CAS You should be reconnected with your CAS user
    • Difficulty:
      Easy
    • Affected Branches:
      MOODLE_19_STABLE, MOODLE_23_STABLE, MOODLE_27_STABLE
    • Fixed Branches:
      MOODLE_26_STABLE, MOODLE_27_STABLE
    • Pull Master Branch:
      MDL-22469-master

      Description

      The test on authCAS==NOCAS is done after the first CAS connexion, so that it works only every second time.
      The other time, moodle redirects towards the CAS server.

      2 patches are attached.
      light : quick hack to get the job done
      full : full cleanup that also fixes the bug, which fixes indentation problems and translates comments (french -> english).

      Prerequisites

      • You need to have CAS server (SSO) authentication method enabled with the setting "Multi-authentication" set to "yes"
      • You need two account. One using CAS authentication method, one using manual authentication method.

      To reproduce:

      • Go to login/index.php. You should the double auth method page.
      • Connect with the CAS auth method using the CAS user.
      • Disconnect yourself
      • Go to login/index.php or login/index.php?authCAS=NOCAS You will be reconnected to the CAS user. You will not be able to choose the auth method or choose the other method.

        Attachments

          Activity

            People

            • Votes:
              4 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Fix Release Date:
                8/Sep/14