-
Type: Improvement
-
Status: Open
-
Priority: Minor
-
Resolution: Unresolved
-
Affects Version/s: 5.3.2
-
Fix Version/s: Postponed
-
Component/s: Security / Rights
-
Environment:Debian / nuxeo dm 5.3.1 + JBoss / PostgreSQL 8.4
-
Tags:
Hi,
The cas2 plugin does not test if the cas serveur is available. So if for any reason the cas server is down, there is no test and the add-on redirect to the downed cas server ----> the browser tell me it cannot establish connection, and that's it. I can't access to my nuxeo server.
Here is my authentication chain :
<authenticationChain>
<plugins>
<plugin>BASIC_AUTH</plugin>
<plugin>CAS2_AUTH</plugin>
<plugin>PORTAL_AUTH</plugin>
<plugin>FORM_AUTH</plugin>
</plugins>
</authenticationChain>
I have downloaded the plugin sources and add a patch that makes it works as it should be (you will find the diff attached). I am sure the way I did it is not the cleanest, but it works in my case. It try to create a socket connection to the cas server, if not, just return false so the NuxeoAuthenticationFilter (in its handlePrompt() method) know that this authentication is not possible and ask the next plugin in the chain to do the work.
Can you tell me if there was an existing way for that? Do you think you will integrated this feature in next release of that add-on ?
P.S: see http://www.nuxeo.org/discussions/thread.jspa?threadID=3728 where I asked for information about that.