Phil, would that be the commit of March 23 ("NOJIRA Improvements to
SSO support"), rev 20312?We still experience POST requests getting lost and SSO not working reliably so something is going wrong. But it might be on our side, of course, I'll see if I can pinpoint the cause. I would still like so see this feature land, though. I'm working on a nginx CAS module and having the ability to opt out early makes things considerably easier. On Thu, Dec 2, 2010 at 15:22, Phil Ames <[email protected]> wrote: > Hey Ben, > Are you sure about mod_auth_cas eating POST requests with > CASSSOEnabled? I thought we had licked that problem recently. The > tests I had conducted looked promising that the issue had been > resolved. > > -Phil > > On Thu, Dec 2, 2010 at 8:50 AM, Ben Noordhuis <[email protected]> wrote: >> Hi, >> >> Can one of the developers take a look at the attached patch? It adds a >> "X-CAS-Action: logout" header to the SSO request. Applies cleanly to >> (at least) 3.4.2.1 and 3.4.3.1. >> >> Background: mod_auth_cas cannot reliably support SSO due to how >> request body filters are implemented in apache2. Currently, if you >> turn on SSO, mod_auth_cas also eats regular POST requests. This patch >> would make that trivially easy to fix. >> >> Thanks! >> >> Ben Noordhuis >> NRC Media >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-dev > > -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
