Permalink
Commits on Oct 11, 2016
  1. Merge pull request #89 from antsar/master

    Fixed redirect loop with CASTimeout=0
    dhawes committed on GitHub Oct 11, 2016
Commits on Sep 26, 2016
  1. Fix typo.

    dhawes committed on GitHub Sep 26, 2016
Commits on Sep 25, 2016
  1. Merge pull request #109 from dhawes/module-specific-logging

    Issue #106. Allow per-module loglevel configuration.
    dhawes committed on GitHub Sep 25, 2016
  2. Merge pull request #103 from dhawes/CASAuthoritative-docs

    Add note that CASAuthoritative isn't available when using Apache 2.4.
    dhawes committed on GitHub Sep 25, 2016
  3. Merge pull request #104 from dhawes/google-group-link

    Add Google Group link to README
    dhawes committed on GitHub Sep 25, 2016
Commits on Aug 29, 2016
  1. Issue #106. Allow per-module loglevel configuration.

    David Hawes committed Aug 29, 2016
Commits on Jul 1, 2016
  1. Jasig/mod_auth_cas#99 Add note that CASAuthoritative isn't available

    when using Apache 2.4.
    David Hawes committed Jul 1, 2016
Commits on Jun 30, 2016
  1. Jasig/mod_auth_cas#100 Add Google Group link.

    David Hawes committed Jun 30, 2016
Commits on Apr 24, 2016
  1. Updated README for 1.1 release

    forsetti committed Apr 24, 2016
Commits on Feb 29, 2016
  1. Merge pull request #94 from dhawes/authn-hook

    Use ap_hook_check_authn() instead of ap_hook_check_access().
    dhawes committed Feb 29, 2016
Commits on Feb 24, 2016
  1. Use ap_hook_check_authn() instead of ap_hook_check_access().

    This allows "Satisy Any" and the 2.4-style multiple Require(Any|All)
    lines to work properly.
    
    The Apache 2.4 docs say the following about ap_hook_check_authn():
    
    This hook is used to analyze the request headers, authenticate the user,
    and set the user information in the request record (r->user and
    r->ap_auth_type). This hook is only run when Apache determines that
    authentication/authorization is required for this resource (as
    determined by the 'Require' directive). It runs after the access_checker
    hook, and before the auth_checker hook. This hook should be registered
    with ap_hook_check_authn(). If "Satisfy any" is in effect, this hook may
    be skipped.
    
    AUTHZ_DENIED_NO_USER needs to be returned in cas_check_authorization()
    in case the user hasn't been authenticated yet.
    
    Add stub for ap_hook_check_authn().
    David Hawes committed Feb 24, 2016
Commits on Feb 1, 2016
Commits on Jan 7, 2016
  1. Fixed redirect loop with CASTimeout=0

    Setting the CASTimeout option to 0 should allow a non-idle session to not expire. Instead, it initiated an endless redirect loop to the CAS server and back. This happened because the CAS cache file was instantly deleted upon being created. This commit prevents the cache from being deleted when CASTimeout is set to 0.
    antsar committed with antsar Jan 5, 2016
Commits on Dec 19, 2015
  1. Updated README for 1.1-RC1

    forsetti committed Dec 19, 2015
Commits on Dec 7, 2015
  1. Updated auto* artifacts

    forsetti committed Dec 7, 2015
  2. Converge dhawes/v1.1

    forsetti committed Dec 7, 2015
Commits on Nov 22, 2015
  1. Merge pull request #3 from dhawes/v1.1-AuthenticationMethod

    V1.1 authentication method
    dhawes committed Nov 22, 2015
  2. Merge branch 'v1.1' into v1.1-AuthenticationMethod

    David Hawes committed Nov 22, 2015
  3. Merge pull request #2 from forsetti/v1.1

    Fixed against 5294722 (v1.1), updated v1.1 version number and updated autotools
    dhawes committed Nov 22, 2015
Commits on Nov 13, 2015
  1. Keep retrieval of AuthenticationMethod

    David Hawes committed Nov 13, 2015
Commits on Nov 9, 2015
Commits on Nov 5, 2015
Commits on Nov 2, 2015
  1. Remove cookieFound attribute.

    David Hawes committed Nov 2, 2015
Commits on Oct 31, 2015
  1. Make this simpler and clearer.

    dhawes committed Oct 31, 2015
  2. Merge branch 'master' of git://github.com/klausdieterkrannich/mod_aut…

    …h_cas into klausdieterkrannich-master
    
    Conflicts:
    	src/mod_auth_cas.h
    dhawes committed Oct 31, 2015
Commits on Nov 18, 2014
  1. AuthenticationStatement in the SAML response never has identity attri…

    …butes, so simplify. Also, improve cas_authorize_worker to indicate when SAML response has no attributes returned
    smaresca committed with Steven Maresca Nov 18, 2014
  2. Bugfix: segmentation fault occurred while preparing a cache entry; us…

    …ername from CAS ticket was never properly extracted, leaving the char* as a NULL banana peel. Full fix required improved parsing of the SAML 1.1 response (was not extracting subject name from AuthenticationStatement) and addition of some sanity checks.
    
    Program received signal SIGSEGV, Segmentation fault.
    0x00007ffff799496b in apr_xml_quote_string () from /usr/lib/libaprutil-1.so.0
    (gdb) bt
    0  0x00007ffff799496b in apr_xml_quote_string () from /usr/lib/libaprutil-1.so.0
    1  0x00007ffff62e830e in writeCASCacheEntry (r=0x7ffff53c30a0, name=0x7ffff53c2780 "1b3855f0110f1a05d3ca5d2c5667b6e3", cache=0x7fffffffdc60, exists=0 '\000')
       at mod_auth_cas.c:1215
    2  0x00007ffff62e9635 in createCASCookie (r=0x7ffff53c30a0, user=0x0, attrs=0x7ffff53ccb50, ticket=0x7ffff53cb277 "ST-701585-TK73aKTv4yzBo1bcY6Ct-login.uconn.edu")
       at mod_auth_cas.c:1288
    3  0x00007ffff62eb221 in cas_authenticate (r=0x7ffff53c30a0) at mod_auth_cas.c:2057
    4  0x000055555558fa28 in ap_run_check_user_id ()
    5  0x0000555555591d0e in ap_process_request_internal ()
    6  0x00005555555a55a0 in ap_process_request ()
    7  0x00005555555a23d8 in ?? ()
    8  0x000055555559bfa8 in ap_run_process_connection ()
    9  0x00005555555aa210 in ?? ()
    10 0x00005555555aa936 in ?? ()
    11 0x00005555555ab103 in ap_mpm_run ()
    12 0x00005555555804a4 in main ()
    (gdb)
    smaresca committed with Steven Maresca Nov 18, 2014
Commits on Oct 14, 2014