Moodle
  1. Moodle
  2. MDL-27610

Redirection failed after CAS log out with CAS server > 3.3.5

    Details

    • Type: Bug Bug
    • Status: Open
    • Priority: Minor Minor
    • Resolution: Unresolved
    • Affects Version/s: 1.9.16, 2.0.3, 2.1.4, 2.2.1, 2.3.4, 2.4.1, 2.5.1
    • Fix Version/s: STABLE backlog
    • Component/s: Authentication
    • Labels:
    • Testing Instructions:
      Hide
      • You need a cas server version > 3.3.5
      • On the CAS server parameters page, turn the field "Logout CAS" to 'yes'
      • Log in then log out. You must come back on your moodle home page.
      Show
      You need a cas server version > 3.3.5 On the CAS server parameters page, turn the field "Logout CAS" to 'yes' Log in then log out. You must come back on your moodle home page.
    • Affected Branches:
      MOODLE_19_STABLE, MOODLE_20_STABLE, MOODLE_21_STABLE, MOODLE_22_STABLE, MOODLE_23_STABLE, MOODLE_24_STABLE, MOODLE_25_STABLE
    • Rank:
      17275

      Description

      Problem presents in Moodle 1.9.16 / 2.0.3 / 2.1.4 / 2.2.1 / 2.3.4 / 2.4.1 / 2.5.1

      I use CAS for authentification on my moodle site.
      The login process does work.

      On the CAS server parameters page, I turned the field "Logout CAS" to 'yes' (to logout from CAS when disconnecting from Moodle).
      When I log out (http://mymoodle.site.fr/login/logout.php?sesskey=XXXsJe78oO), Moodle calls the CAS logout page : https://cas.site.fr/logout?url=http%3A%2F%2Fmymoodle.site.fr
      Then, because of the url field after "logout?", the CAS logout page calls the web page "http://mymoodle.site.fr"

      But since we changed our CAS server with the version 3.4.6, this last redirection does not work anymore and I stay on the page https://cas.site.fr/logout?url=http%3A%2F%2Fmymoodle.site.fr

      I read on this phpCAS page (https://wiki.jasig.org/display/CASC/phpCAS+logout), the function phpCAS::logoutWithUrl($url) is deprecated for CAS servers > 3.3.5.

      I looked for this function on the moodle code and I found it in the auth/cas/auth.php file. I guess this file is used in the authentification process.

      Line 170 : (from moodle 1.9 code but it is the same in 2.x)
      170 if ($this->config->logoutcas ) {
      171 $backurl = $CFG->wwwroot;
      172 $this->connectCAS();
      173 phpCAS::logoutWithUrl($backurl);
      174 }_

      I changed the line 173 with :
      173 phpCAS::logoutWithRedirectService($backurl);
      and the redirection works again.

      May 2011 : http://moodle.org/mod/forum/discuss.php?d=133002 (first post)
      January 2012 : http://moodle.org/mod/forum/discuss.php?d=194260 (discuss)
      January 2013 : the problem is still there with Moodle 2.3.4 and 2.4.1
      August 2013 : the problem is still there in Moodle 2.5.1

        Activity

        Hide
        Pascal Maury added a comment - - edited

        Just to understand : what 'triaged' means exactly ?

        EDIT : -> http://docs.moodle.org/en/Development:Bug_triage

        Show
        Pascal Maury added a comment - - edited Just to understand : what 'triaged' means exactly ? EDIT : -> http://docs.moodle.org/en/Development:Bug_triage
        Hide
        Patrick Pollet added a comment -

        I think the following change to auth/cas/auth.php at the end of function prelogout_hook should do the trick

        if (method_exists('phpCAS', 'logoutWithRedirectService'))
        phpCAS::logoutWithRedirectService($backurl);
        else
        phpCAS::logoutWithURL($backurl);

        Cheers.

        Show
        Patrick Pollet added a comment - I think the following change to auth/cas/auth.php at the end of function prelogout_hook should do the trick if (method_exists('phpCAS', 'logoutWithRedirectService')) phpCAS::logoutWithRedirectService($backurl); else phpCAS::logoutWithURL($backurl); Cheers.
        Hide
        Pascal Maury added a comment -

        updated :
        Tested with Moodle 1.9.12 / 2.0.3

        Today tested with Moodle 1.9.16 / 2.1.4 / 2.2.1

        Show
        Pascal Maury added a comment - updated : Tested with Moodle 1.9.12 / 2.0.3 Today tested with Moodle 1.9.16 / 2.1.4 / 2.2.1
        Hide
        Pascal Maury added a comment -

        This problem is still there in Moodle 2.3.4 and 2.4.1

        Why it takes so long to fix it while the solution is known ?

        Show
        Pascal Maury added a comment - This problem is still there in Moodle 2.3.4 and 2.4.1 Why it takes so long to fix it while the solution is known ?

          People

          • Votes:
            8 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

            • Created:
              Updated: