Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Eternal loop with auth required and non-redmine CAS user #3

Open
osusoy opened this Issue January 01, 2011 · 2 comments

3 participants

Ozgur Susoy Alex JonLundy
Ozgur Susoy

I'll have a look at this when i can but to have it on record:

If 'Authentication required' is selected in auth admin and a valid CAS user that is not registered with redmine navigates to the redmine site, we end up with an eternal loop as any errors generated redirect to cas authentication which passes as there's a valid tgt.

Redirecting to an error page that bypasses normal auth would be changing common functionality (hence ugly and hacky). Might look into how tricky it would be to just fall back to local login screen with an error msg... which isn't ideal either X( Maybe display the error on an alert, and then locally tag existing tgt as invalid as far as redmine is concerned???

other ideas?

Alex

My instance appears to endless redirect if the CAS user is not already in the Redmine user list. - Apologies I was using the 'other' CAS Redmine plugin hosted on gitorious http://www.redmine.org/plugins/redmine_cas which just posted a fix. Any idea why 2 plugins for the same exact small task?

JonLundy

I have found that the redmine_cas plugin has an issue where it wont allow API requests to be authenticated. It blocks any requests whether i put the internally stored password or API tokens which will work if the plugin is not enabled. I havn't tested this one yet to see if it has the same problem.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.