doesn't work with mama-cas: when doing a /login request, TARGET parameter is incorrectly(?) used
Issue #6
wontfix
Right now, your plugin doesn't seem to work properly in combination with mama-cas ( https://github.com/jbittel/django-mama-cas ).
The problem appears to be the following:
According to https://github.com/Jasig/cas/blob/master/cas-server-documentation/protocol/CAS-Protocol-Specification.md in section 2.1.1, the /login endpoint only knows the "service" parameter, but not the TARGET parameter which your plugin appears to send (visible as GET parameter).
In section 4.2.1, /samlValidate describes a TARGET parameter that must match the "service" parameter of /login - that seems to be an obvious hint that /login has the same value as this parameter but named "service" and not TARGET.
If your assessment has the same result (that this is indeed incorrect), then it would be nice if you could fix it (:
Comments (2)
-
-
Account Deleted
- changed status to wontfix
For now there won't be an additional ticket validator
- Log in to comment
- Assignee
- –
- Type
- Priority
- Status
- wontfix
- Component
- bugzilla-cas-plugin
- Version
- 1.3
- Votes
- 0
- Watchers
- 1
Hi, could you please login to bitbucket cause the ticketsystem doesn't allow notifications on anonymous accounts.
The login mechanism of SCM-Manager Universe is based on the use of attributes. These attributes are available in the SAML or in CAS 3.0 protocol. Our plugin is assuming that SAML is used.
In your case, mamaCAS does not support SAML but CAS 3.0. We will check if we will implement a additional ticket validator to support CAS 3.0 protocol.
Cheers, Dirk