Kitsune18
commented
3 years ago Does anyone have any idea how to fix this problem?
Open Kitsune18 opened 3 years ago
Kitsune18
commented
3 years ago Does anyone have any idea how to fix this problem?
Kitsune18
commented
3 years ago I've determined that auto-registration of new clients is not working with this plugin (v1.2.1 and osTicket 1.15.x). This morning I upgraded our test osTicket instance to 1.15.2 then tried logging in again with a client username from CAS which had not yet been created in osTicket and it failed to log in which meant the client was not created in osTicket.
I tried creating a new client in osTicket and registered it using the Agent panel, once I received the activation email from osTicket I clicked the activation link. Afterwords I could sign in as the new client using CAS. So now the question is how can we fix this? We have Registration Required enabled and Registration Method set to Private under Authentication Settings in osTicket, we also have Force client registration enabled in the plugin.
Thank you
Kitsune18
commented
3 years ago I have finally tracked down the problem. I'm not sure why it doesn't work with the osTicket-auth-cas plugin but at least I have a workaround until the plugin can be fixed.
In osTicket 1.15.x on line 137, function attemptAutoRegister(), in class.auth.php I changed
if (!$cfg || !$cfg->isClientRegistrationEnabled())
to
if (!$cfg)
Now when new clients sign up for their SSO account they are automatically registered in osTicket 1.15.x the first time they visit our help desk.
kevinoconnor7
commented
3 years ago Good catch! Sorry, I didn't get a chance to look at this early on and it slipped down in my inbox.
I'm not sure why this became a regression. isClientRegistrationEnabled hasn't changed in a long time, but it does seem to require that you have public registration enabled. The code does check for for another mode called auto but there doesn't seem to be a way to actually set that. This is really a bug with osTicket, but I suspect that people have become dependent on the behavior.
I'll make a change to explicitly allow public or private registration modes within this plugin though.
kevinoconnor7
commented
3 years ago oops I misread and I now see that the code you changed is in osTicket proper. It was indeed a recent-ish change from October: https://github.com/osTicket/osTicket/commit/c3c01d3c7520b3f3863d3e1e04bc36ba468e1009
I filed a bug with osTicket https://github.com/osTicket/osTicket/issues/5832 since we'll now need them to add support for a non-public plugin registration mode.
Kitsune18
commented
3 years ago Ok great, thank you!
All new help desk users (clients) attempting to log into osTicket 1.15.1 (auth-cas 1.2.1) keep getting sent back to the osTicket login page and their user accounts are never automatically created in osTicket. However existing osTicket 1.15.1 users are able to login without any problems. In our configuration agents do not use CAS but clients do so Authentication our auth-cas plugin is configured for "Clients Only".
Before we upgraded to 1.15.1 from 1.10.x (with auth-cas 1.1.6) we did not have any problems with osTicket creating new users and logging in.