chdemko / joomla-external-login

The External Login project allows Joomla! to manage external Authentication Servers
GNU General Public License v2.0

Potential Login Issue When Service Ticket is in URL (and CAS Authentication is Initiated Outside of Joomla) #38

Open orware opened 7 years ago

orware commented 7 years ago

As I've been using the newest versions of the plugin to do my CAS testing the past couple of weeks, a particular situation has come up a few times that I've observed, and at the moment I'm not sure if it's a bug or not, but it feels like one (and I've been able to verify it occurring with our commercial CAS server and the custom one I've been building in PHP). Below are the details I've been able to gather (I'll take a closer look at the code to see if I can identify any clues leading to the issue after I finish this writeup).

Scenario 1 (User-initiated login from Joomla External Login Module): If I go directly to my test Joomla site as normal (e.g. "http://localhost/intranet"), then hit the CAS Login button, I'm redirected to our CAS Server, I log in, and I get redirected back to the Joomla site with everything validated and I get logged in without any problem.

Scenario 2 (CAS Auth Initiated Outside of Joomla): If, instead of initiating the CAS login from the Joomla site, I simply put in the URL to the CAS Server and provide the Joomla site URL as the value for the service, like this:

https://cas.example.com/cas/login?service=http%3A%2F%2Flocalhost%2Fintranet%2F&gateway=true

After successfully authenticating, it doesn't log me in properly to Joomla upon redirect; instead it appears to get confused, and I can visibly see some issues in the address bar because it ends up showing two tickets there, like this:

http://localhost/intranet/?&ticket=ST-5daf489e55234da88af1a4df27289976&ticket=ST-e1a2f109d8da471aa8995a39a93a3550

At this point, if I hit the Login button from the External Login module, it will simply keep on redirecting back to the Joomla site with additional tickets appended to the URL.

From what I've been able to gather so far, the External Login Module initiates a request over to the External Login component, so perhaps it is kicking off the SSO process in some way there in the normal Scenario 1, whereas that same process isn't being set up in Scenario 2.
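The symptom above (tickets accumulating in the URL) is what happens when a service ticket that arrives on the return URL is never consumed. An added example, not code from this plugin or from the reporter: a minimal CAS 2.0 return handler that strips every `ticket` parameter to recover the service URL the ticket was issued for, validates the most recent ticket, and parses the `/serviceValidate` XML response. The `fake_cas_validate` function and the `jdoe` responses are constructed stand-ins for the HTTPS call to the CAS server.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

CAS_NS = {"cas": "http://www.yale.edu/tp/cas"}  # namespace of CAS 2.0 responses

def split_ticket(request_url):
    """Return (service_url, ticket) for a request URL that came back from CAS.
    The service passed to /serviceValidate must be the URL the ticket was issued
    for, with every 'ticket' parameter removed; a mismatch makes validation fail,
    and each retry then just appends one more ticket to the URL."""
    parts = urlsplit(request_url)
    params = parse_qsl(parts.query, keep_blank_values=True)
    tickets = [v for k, v in params if k == "ticket"]
    rest = [(k, v) for k, v in params if k != "ticket"]
    service = urlunsplit((parts.scheme, parts.netloc, parts.path, urlencode(rest), ""))
    # If several tickets are present (the situation in this issue), only the most
    # recently issued one can still be valid: earlier ones were never consumed.
    return service, (tickets[-1] if tickets else None)

def parse_service_validate(xml_text):
    """Parse a CAS 2.0 /serviceValidate response into (user, failure_code)."""
    root = ET.fromstring(xml_text)
    ok = root.find("cas:authenticationSuccess", CAS_NS)
    if ok is not None:
        return ok.findtext("cas:user", namespaces=CAS_NS), None
    fail = root.find("cas:authenticationFailure", CAS_NS)
    return None, (fail.get("code") if fail is not None else "UNKNOWN")

def handle_return(request_url, validate):
    """validate(service, ticket) -> response XML. Returns ('login', user),
    ('fail', code) or ('no-ticket', None); never redirects back to CAS with
    a ticket still in the URL."""
    service, ticket = split_ticket(request_url)
    if ticket is None:
        return "no-ticket", None
    user, code = parse_service_validate(validate(service, ticket))
    return ("login", user) if user else ("fail", code)

def fake_cas_validate(service, ticket):
    """Constructed stand-in for GET https://cas.example.com/cas/serviceValidate."""
    if service == "http://localhost/intranet/" and ticket == "ST-good":
        return ('<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">'
                '<cas:authenticationSuccess><cas:user>jdoe</cas:user>'
                '</cas:authenticationSuccess></cas:serviceResponse>')
    return ('<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">'
            '<cas:authenticationFailure code="INVALID_TICKET">'
            'ticket not recognized</cas:authenticationFailure></cas:serviceResponse>')
```

Because the service URL is rebuilt without the ticket, the URL with two tickets from this issue validates against `http://localhost/intranet/`, the same service value the CAS server was originally given.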

gregkoron commented 7 years ago

I have noticed the same problems with Joomla 3.8.1. Do you have any solution? Thank you in advance!

chdemko commented 6 years ago

Currently, I have no solution since Joomla! must be aware of the CAS server used. But you can propose a PR if you want.