Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

authenticate_on_every_request and Gateway #13

Open
Jimflip opened this issue Mar 16, 2011 · 5 comments
Open

authenticate_on_every_request and Gateway #13

Jimflip opened this issue Mar 16, 2011 · 5 comments
Labels
feature request
Milestone
2.4

Comments

@Jimflip
Copy link

Jimflip commented Mar 16, 2011

If using the gateway filter a request is made for every action, even though authenticate_on_every_request is set to false.

Not sure if this is necessary for the protocol (I don't think so), but obviously this has serious performance issues for us.

Cheers,
Jim.
@Jimflip
Copy link
Author

Jimflip commented Oct 2, 2011

So is this just me or is this the expected behaviour?
If you can confirm either way I can then look into debugging it.

@Jimflip Jimflip closed this as completed Oct 2, 2011
@Jimflip Jimflip reopened this Oct 2, 2011
@soupmatt
Copy link
Member

soupmatt commented Nov 1, 2011

This is what the current implementation does, and I agree that it is far from optimal. I'll plan on fixing it for the next release, but I don't know how soon that will be. Feel free to submit a patch with tests if you like.

@Jimflip
Copy link
Author

Jimflip commented Nov 2, 2011

Hi

I now understand better why its doing what it does, it is kinda an optimisation problem.

If there is no ticket in the session then no point going to CAS server to be told that when on a Gatewayed page, just wasn't sure if there is anything I am missing in doing this. I find the CAS protocol rather confusing, mostly due to poor documentation.

I am having a load of stability/deployment issues with rubycas server, and looking/forced to write my own version from scratch using node.js or move to a different protocol. So cannot commit to fixing this issue until server/protocol problems are resolved.

Cheers,
Jm.

@stgm
Copy link

stgm commented Aug 17, 2013

Well, for anyone looking for a quick fix, you can override this behaviour in your Rails application by creating a new file in config/initializers and using this code which simply redefines the relevant method in the Filter class:

module CASClient::Frameworks::Rails
    class Filter
        def self.unauthorized!(controller, vr = nil)
            if controller.params[:format] == "xml"
                if vr
                    controller.send(:render, :xml => "<errors><error>#{vr.failure_message}</error></errors>", :status => 401)
                else
                    controller.send(:head, 401)
                end
            else
                if use_gatewaying?
                    controller.logger.debug "Skipping redirect to CAS because of Gatewaying."
                else
                    redirect_to_cas_for_authentication(controller)
                end
            end
        end
    end
end

@thiyagarajanth
Copy link

Hi,

I used 'authenticate_on_every_request' its keep authenticate with server but while sending a post request to server with parameters, after authentication of this request am not getting the post method parameters. i don't know why ?

Regards
Thiyagu.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request
Projects
None yet
Milestone
2.4
Development

No branches or pull requests
4 participants
@Jimflip @soupmatt @stgm @thiyagarajanth