Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-46753

logout_returl_url does not work at auth_cas

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.6.4, 2.7.1, 2.8
    • Fix Version/s: 2.6.5, 2.7.2
    • Component/s: Administration
    • Labels:
    • Testing Instructions:
      Hide
      In order to execute this test, you should have a working CAS Server.

      There's a CAS VM on server to test this.

      Also, to establish connection between your moodle instance and the CAS server, you should change the _getServerBaseURL function on CAS/Client.php. The main reason is because CAS plugin by the default verify the host SSL and unless you have a HTTPS in your local machine, you should change this line.

      1. Replace the https to http on line 301, the line should be exactly like this:

      $this->_server['base_url'] = 'http://' . $this->_getServerHostname();
      

      2. Log as admin and Go to Plugins > Authentication > Manage authentication.
      3. Enable CAS server (SSO) and go to Settings. The config should be like this.

      Hostname: Your VM IP address 
      Base URI: cas-server-webapp-3.5.2/
      Port: 8080
      Alternative logout return URL: http://www.moodle.org (or any other website but must begin with http:// or https://)
      Multi-authentication: Yes
      

      4. Create a user moodle or cas1 and set the authentication method to: CAS server (SSO)
      5. Logout and click on Log In.
      6. You will be prompted to choose the authentication method, choose CAS user.
      7. Enter your cas user and password and click LOGIN.
      8. You should be redirected to your moodle home.
      9. Click Log out.
      10. You should be redirect to your defined logout URL (http://www.moodle.org).
      11. Login as admin again and delete the logout URL previously set.
      12. Logout and login as cas user and logout again.
      13. You should be redirected to your moodle default start page ($CFG->wwwroot).

      Test this issue on 2.7 and 2.6 as well.

      Show
      In order to execute this test, you should have a working CAS Server. There's a CAS VM on server to test this. Also, to establish connection between your moodle instance and the CAS server, you should change the _getServerBaseURL function on CAS/Client.php. The main reason is because CAS plugin by the default verify the host SSL and unless you have a HTTPS in your local machine, you should change this line. 1. Replace the https to http on line 301, the line should be exactly like this: $this->_server['base_url'] = 'http://' . $this->_getServerHostname(); 2. Log as admin and Go to Plugins > Authentication > Manage authentication. 3. Enable CAS server (SSO) and go to Settings. The config should be like this. Hostname: Your VM IP address Base URI: cas-server-webapp-3.5.2/ Port: 8080 Alternative logout return URL: http://www.moodle.org (or any other website but must begin with http:// or https://) Multi-authentication: Yes 4. Create a user moodle or cas1 and set the authentication method to: CAS server (SSO) 5. Logout and click on Log In. 6. You will be prompted to choose the authentication method, choose CAS user. 7. Enter your cas user and password and click LOGIN. 8. You should be redirected to your moodle home. 9. Click Log out. 10. You should be redirect to your defined logout URL ( http://www.moodle.org ). 11. Login as admin again and delete the logout URL previously set. 12. Logout and login as cas user and logout again. 13. You should be redirected to your moodle default start page ($CFG->wwwroot). Test this issue on 2.7 and 2.6 as well.
    • Affected Branches:
      MOODLE_26_STABLE, MOODLE_27_STABLE, MOODLE_28_STABLE
    • Fixed Branches:
      MOODLE_26_STABLE, MOODLE_27_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-46753-master

      Description

      Even if configure logout_return_url, it does not work. Because of inappropriately code.

      $ diff auth/cas/auth.php original/moodle-2.6.4/auth/cas/auth.php
      173,174c173
      <             //$backurl = $CFG->wwwroot;
      <             $backurl = !empty($this->config->logout_return_url) ? $this->config->logout_return_url : $CFG->wwwroot;
      ---
      >             $backurl = $CFG->wwwroot;
      

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  8/Sep/14