search

owncloud-archive / user_cas

Currently maintained in :
https://github.com/felixrupp/user_cas
10 stars 49 forks source link

Infinite redirection loop with user_ldap #18

Open zeronounours opened 9 years ago

zeronounours commented 9 years ago

With ownCloud 8.1.1 and user_cas 1.1. When user_cas is configured with Link to LDAP backend on and Autocreate user off, the user is redirected to the default page endlessly while trying to log in.

The issue comes from user_ldap not being loaded before user_cas. This causes shouldEnforceAuthentication function to always be evaluated as true even when the user has been logged in. When this function actually calls OCP\User::isLoggedIn(), the LDAP backend isn't registered yet and so isn't checked for user existence.

A quick workaround is to load all authentication applications when initializing CAS backend:

class OC_USER_CAS extends OC_User_Backend {
    public function __construct() {
        $this->autocreate = OCP\Config::getAppValue('user_cas', 'cas_autocreate', true);
        $this->cas_link_to_ldap_backend = \OCP\Config::getAppValue('user_cas', 'cas_link_to_ldap_backend', false);
        $this->updateUserData = OCP\Config::getAppValue('user_cas', 'cas_update_user_data', true);
        $this->defaultGroup = OCP\Config::getAppValue('user_cas', 'cas_default_group', '');
        $this->protectedGroups = explode (',', str_replace(' ', '', OCP\Config::getAppValue('user_cas', 'cas_protected_groups', '')));
        $this->mailMapping = OCP\Config::getAppValue('user_cas', 'cas_email_mapping', '');
        $this->displayNameMapping = OCP\Config::getAppValue('user_cas', 'cas_displayName_mapping', '');
        $this->groupMapping = OCP\Config::getAppValue('user_cas', 'cas_group_mapping', '');
        self :: initialized_php_cas();
        OC_App::loadApps(['authentication']);
    }
}
DamienGombaultRecia commented 9 years ago

I confirm this bug. zeronounours, thank you for the workaround.

tinylcy commented 9 years ago

@zeronounours Thanks for your precious workaround!

bastienho commented 9 years ago

:+1: Thank you @zeronounours the patch works like a charm !

cedlerouge commented 8 years ago

I confirm this bug too, and this workaround fix it but i have a strange behaviour : cas_force_login is off cas_link_to_ldap_backend on but owncloud don't let me authenticate via owncloud form. this is usefull for public shared link

EDIT: this behavior is not related with the workaround. workaround is ok.

nitmir commented 8 years ago

I confirm too. The workaround works for me too.