Skip to content
This repository has been archived by the owner on Jul 18, 2018. It is now read-only.

Infinite redirection loop with user_ldap #18

Open
zeronounours opened this issue Aug 23, 2015 · 5 comments
Open

Infinite redirection loop with user_ldap #18

zeronounours opened this issue Aug 23, 2015 · 5 comments

Comments

@zeronounours
Copy link

With ownCloud 8.1.1 and user_cas 1.1.
When user_cas is configured with Link to LDAP backend on and Autocreate user off, the user is redirected to the default page endlessly while trying to log in.

The issue comes from user_ldap not being loaded before user_cas. This causes shouldEnforceAuthentication function to always be evaluated as true even when the user has been logged in. When this function actually calls OCP\User::isLoggedIn(), the LDAP backend isn't registered yet and so isn't checked for user existence.

A quick workaround is to load all authentication applications when initializing CAS backend:

class OC_USER_CAS extends OC_User_Backend {
    public function __construct() {
        $this->autocreate = OCP\Config::getAppValue('user_cas', 'cas_autocreate', true);
        $this->cas_link_to_ldap_backend = \OCP\Config::getAppValue('user_cas', 'cas_link_to_ldap_backend', false);
        $this->updateUserData = OCP\Config::getAppValue('user_cas', 'cas_update_user_data', true);
        $this->defaultGroup = OCP\Config::getAppValue('user_cas', 'cas_default_group', '');
        $this->protectedGroups = explode (',', str_replace(' ', '', OCP\Config::getAppValue('user_cas', 'cas_protected_groups', '')));
        $this->mailMapping = OCP\Config::getAppValue('user_cas', 'cas_email_mapping', '');
        $this->displayNameMapping = OCP\Config::getAppValue('user_cas', 'cas_displayName_mapping', '');
        $this->groupMapping = OCP\Config::getAppValue('user_cas', 'cas_group_mapping', '');
        self :: initialized_php_cas();
        OC_App::loadApps(['authentication']);
    }
}
@DamienGombaultRecia
Copy link

I confirm this bug.
zeronounours, thank you for the workaround.

@tinylcy
Copy link

tinylcy commented Oct 17, 2015

@zeronounours
Thanks for your precious workaround!

@bastienho
Copy link

👍
Thank you @zeronounours the patch works like a charm !

@cedlerouge
Copy link

I confirm this bug too, and this workaround fix it but i have a strange behaviour :
cas_force_login is off
cas_link_to_ldap_backend on
but owncloud don't let me authenticate via owncloud form.
this is usefull for public shared link

EDIT: this behavior is not related with the workaround. workaround is ok.

@nitmir
Copy link

nitmir commented Dec 3, 2015

I confirm too. The workaround works for me too.

@tsacode tsacode mentioned this issue Oct 18, 2016
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@bastienho @cedlerouge @nitmir @zeronounours @tinylcy @DamienGombaultRecia