Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-27610

Redirection failed after CAS log out with CAS server > 3.3.5

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.9.16, 2.0.3, 2.1.4, 2.2.1, 2.3.4, 2.4.1, 2.5.1
    • Fix Version/s: STABLE backlog
    • Component/s: Authentication
    • Labels:
    • Testing Instructions:
      Hide
      • You need a cas server version > 3.3.5
      • On the CAS server parameters page, turn the field "Logout CAS" to 'yes'
      • Log in then log out. You must come back on your moodle home page.
      Show
      You need a cas server version > 3.3.5 On the CAS server parameters page, turn the field "Logout CAS" to 'yes' Log in then log out. You must come back on your moodle home page.
    • Affected Branches:
      MOODLE_19_STABLE, MOODLE_20_STABLE, MOODLE_21_STABLE, MOODLE_22_STABLE, MOODLE_23_STABLE, MOODLE_24_STABLE, MOODLE_25_STABLE

      Description

      Problem presents in Moodle 1.9.16 / 2.0.3 / 2.1.4 / 2.2.1 / 2.3.4 / 2.4.1 / 2.5.1

      I use CAS for authentification on my moodle site.
      The login process does work.

      On the CAS server parameters page, I turned the field "Logout CAS" to 'yes' (to logout from CAS when disconnecting from Moodle).
      When I log out (http://mymoodle.site.fr/login/logout.php?sesskey=XXXsJe78oO), Moodle calls the CAS logout page : https://cas.site.fr/logout?url=http%3A%2F%2Fmymoodle.site.fr
      Then, because of the url field after "logout?", the CAS logout page calls the web page "http://mymoodle.site.fr"

      But since we changed our CAS server with the version 3.4.6, this last redirection does not work anymore and I stay on the page https://cas.site.fr/logout?url=http%3A%2F%2Fmymoodle.site.fr

      I read on this phpCAS page (https://wiki.jasig.org/display/CASC/phpCAS+logout), the function phpCAS::logoutWithUrl($url) is deprecated for CAS servers > 3.3.5.

      I looked for this function on the moodle code and I found it in the auth/cas/auth.php file. I guess this file is used in the authentification process.

      Line 170 : (from moodle 1.9 code but it is the same in 2.x)
      170 if ($this->config->logoutcas ) {
      171 $backurl = $CFG->wwwroot;
      172 $this->connectCAS();
      173 phpCAS::logoutWithUrl($backurl);
      174 }_

      I changed the line 173 with :
      173 phpCAS::logoutWithRedirectService($backurl);
      and the redirection works again.

      May 2011 : http://moodle.org/mod/forum/discuss.php?d=133002 (first post)
      January 2012 : http://moodle.org/mod/forum/discuss.php?d=194260 (discuss)
      January 2013 : the problem is still there with Moodle 2.3.4 and 2.4.1
      August 2013 : the problem is still there in Moodle 2.5.1

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Votes:
                  8 Vote for this issue
                  Watchers:
                  4 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: