Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-41733

Allow direct authentication with CAS to a course when multiple authentication is activated

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.5.2
    • Fix Version/s: 2.6
    • Component/s: Authentication
    • Labels:
    • Testing Instructions:
      Hide

      Testing prerequisites

      • You need a CAS authentication server configured with two sites, an external one and a moodle one.
      • You also need a CAS account subscribed on a moodle course.

      Testing instructions

      • Go to the external site who need CAS authentication
      • Authenticate yourself with your CAS account
      • on the address bar of your browser, go to your course using this url format:
        https://mymoodle.com/login/index.php?authCAS=CAS&courseid=12345
      • You should be able to access the home page of your course without the need to authenticate yourself again
      • Close all tab and windows on your browser (To kill CAS authentication session)
      • on the address bar of your browser, go to your course using this url format:
        https://mymoodle.com/login/index.php?authCAS=CAS&courseid=12345
      • You should now see the authentication page of your CAS server
      • Enter the authentication information
      • You should now be redirected to the home page of the course entered.
      Show
      Testing prerequisites You need a CAS authentication server configured with two sites, an external one and a moodle one. You also need a CAS account subscribed on a moodle course. Testing instructions Go to the external site who need CAS authentication Authenticate yourself with your CAS account on the address bar of your browser, go to your course using this url format: https://mymoodle.com/login/index.php?authCAS=CAS&courseid=12345 You should be able to access the home page of your course without the need to authenticate yourself again Close all tab and windows on your browser (To kill CAS authentication session) on the address bar of your browser, go to your course using this url format: https://mymoodle.com/login/index.php?authCAS=CAS&courseid=12345 You should now see the authentication page of your CAS server Enter the authentication information You should now be redirected to the home page of the course entered.
    • Affected Branches:
      MOODLE_25_STABLE
    • Fixed Branches:
      MOODLE_26_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-41733_master

      Description

      In the portal of our University a student can connect directly to is course.
      Both the portal and Moodle use the same authentication, CAS.

      The problem is when we activate the Multi-authentication parameters on the CAS server configuration page, the CAS connected users from the portal are always prompted to choose their authentication method. Since they are already connected, we want to force the CAS auth.

      We can choose the auth method from the login url, ex:
      https://mymoodle.myuniversity.com/login/index.php?authCAS=CAS

      it should be nice to have the same for courses ex:
      https://mymoodle.myuniversity.com/course/view.php?id=12345&authCAS=CAS

      After checked in the code, this way needed to modify the code at others place than the CAS auth module so since, its a CAS specific customization, I think we should only modify the code in the auth/CAS/auth.php file.

      So the possible result will look like this:
      https://mymoodle.myuniversity.com/login/index.php?authCAS=CAS&courseid=12345

      I'll share the modification when finished.

        Gliffy Diagrams

          Attachments

            Activity

            Hide
            leblangi Gilles-Philippe Leblanc added a comment -

            Here is the code who allow this improvement.

            Show
            leblangi Gilles-Philippe Leblanc added a comment - Here is the code who allow this improvement.
            Hide
            salvetore Michael de Raadt added a comment -

            Thanks for working on that. Hopefully it will get a review soon.

            Show
            salvetore Michael de Raadt added a comment - Thanks for working on that. Hopefully it will get a review soon.
            Hide
            poltawski Dan Poltawski added a comment -

            Hi Gilles-Philippe,

            This looks ok to me, the only thing I would say is that it seems more correct to set the default for the courseid to 0 rather than a string of a different type.

            cheers,
            dan

            Show
            poltawski Dan Poltawski added a comment - Hi Gilles-Philippe, This looks ok to me, the only thing I would say is that it seems more correct to set the default for the courseid to 0 rather than a string of a different type. cheers, dan
            Hide
            leblangi Gilles-Philippe Leblanc added a comment -

            The requested change has been made. Pushing back to request peer review state.

            Show
            leblangi Gilles-Philippe Leblanc added a comment - The requested change has been made. Pushing back to request peer review state.
            Hide
            poltawski Dan Poltawski added a comment -

            Thanks, sending for integration

            Show
            poltawski Dan Poltawski added a comment - Thanks, sending for integration
            Hide
            marina Marina Glancy added a comment -

            Thanks Gilles-Phillippe, it has been integrated in master

            Show
            marina Marina Glancy added a comment - Thanks Gilles-Phillippe, it has been integrated in master
            Hide
            phalacee Jason Fowler added a comment -

            Thanks for the patch, confirmed to be working as described

            Show
            phalacee Jason Fowler added a comment - Thanks for the patch, confirmed to be working as described
            Hide
            marina Marina Glancy added a comment -

            And THANK YOU again for making Moodle better every day!

            Another weekly release has been released.

            Show
            marina Marina Glancy added a comment - And THANK YOU again for making Moodle better every day! Another weekly release has been released.
            Hide
            rien0700 Rikard E added a comment -

            We are using version 2.6.5 and we recently noticed that CAS course direct linking ain't working anymore. Before we just linked to the courses like this: https://mymoodlesite.com/moodle/course/view.php?id=213
            and then the CAS login worked automatically and user landed in the course. This stopped working sometime between 2.6.1+ and 2.6.5.

            I also tried this suggestion without success: https://mymoodle.myuniversity.com/login/index.php?authCAS=CAS&courseid=12345

            Show
            rien0700 Rikard E added a comment - We are using version 2.6.5 and we recently noticed that CAS course direct linking ain't working anymore. Before we just linked to the courses like this: https://mymoodlesite.com/moodle/course/view.php?id=213 and then the CAS login worked automatically and user landed in the course. This stopped working sometime between 2.6.1+ and 2.6.5. I also tried this suggestion without success: https://mymoodle.myuniversity.com/login/index.php?authCAS=CAS&courseid=12345
            Hide
            rien0700 Rikard E added a comment - - edited

            I have explained it more in detail in this thread:
            https://moodle.org/mod/forum/discuss.php?d=270527

            Show
            rien0700 Rikard E added a comment - - edited I have explained it more in detail in this thread: https://moodle.org/mod/forum/discuss.php?d=270527
            Hide
            rien0700 Rikard E added a comment -

            I found the reason to this problem. The CAS auth version number is the same in 2.6.1+ and 2.6.5, but if you take a deeper look you see that there are changes made after 2.6.1+.

            In summary:
            I replaced the loginpage_hook() function with the one from 2.6.1+ and things started to work again. There are more details in the thread I posted above

            Show
            rien0700 Rikard E added a comment - I found the reason to this problem. The CAS auth version number is the same in 2.6.1+ and 2.6.5, but if you take a deeper look you see that there are changes made after 2.6.1+. In summary: I replaced the loginpage_hook() function with the one from 2.6.1+ and things started to work again. There are more details in the thread I posted above
            Hide
            marina Marina Glancy added a comment -

            Hi Rikard, this issue is already closed. If you believe there is still a bug can you create another issue please

            Show
            marina Marina Glancy added a comment - Hi Rikard, this issue is already closed. If you believe there is still a bug can you create another issue please

              People

              • Votes:
                1 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  18/Nov/13