Re: [SOGo] SSO using vulture

2011-06-09 Thread Sébastien Posé 

Le 08/06/2011 18:30, Fabrice Durand a écrit :

Hi, what a coincidence,
Yesterday I fixed this problem between Sogo and vulture.
Which version of vulture do you use and can you send me the
TransHandler.pm file, I make you a patch.

Regards
Fabrice Durand

Le 8 juin 2011 14:34, Sébastien Posé sebastien.p...@ac-reunion.fr
mailto:sebastien.p...@ac-reunion.fr a écrit :

Hi,

I'm trying to use sogo throw vulture. I would like vulture
authenticates my users by sending their login and password to the
sogo's connection page (SSO feature).

I'm able to authenticate users but they are redirected to
/SOGo/connect and got:
{grace: -1, expire: -1}

If I remove /connect and refresh, I'm redirected to
/SOGo/so/sebastien.pose/Mail/view and everything is ok.

Has anyone encountered a similar problem?

Thanks.
--
Sébastien Posé
Division des Services Informatiques
Rectorat de la Réunion
--
users@sogo.nu mailto:users@sogo.nu
https://inverse.ca/sogo/lists




Hi,

I'm using vulture 1.99

Thank you.

--
Sébastien Posé
Division des Services Informatiques
Rectorat de la Réunion
--
users@sogo.nu
https://inverse.ca/sogo/listspackage Vulture::TransHandler;

use Apache2::Const -compile = qw(OK REDIRECT FORBIDDEN);
use Apache2::RequestRec ();
use Apache2::RequestIO ();
use Apache2::Reload;
use Apache2::Log;
use APR::URI;
use APR::Table;
use APR::URI;
use APR::SockAddr;
use HTTP::Request;
use Apache2::RequestUtil ();
use LWP::UserAgent;
use Apache2::Connection;
use Apache::SSLLookup;
use IPC::Run qw(run);

use Vulture qw(get_app $proto read_conf get_cookie session);

use Data::Dumper;

sub REMOTE_ADDR { 1 };
sub SCRIPT { 20 };
sub Vulture_portail { 1 };

my %headers_vars = (
		2 = 'SSL_CLIENT_I_DN',
		3 = 'SSL_CLIENT_M_SERIAL',
		4 = 'SSL_CLIENT_S_DN',
		5 = 'SSL_CLIENT_V_START',
		6 = 'SSL_CLIENT_V_END',
		7 = 'SSL_CLIENT_S_DN_C',
		8 = 'SSL_CLIENT_S_DN_ST',
		9 = 'SSL_CLIENT_S_DN_Email',
		10 = 'SSL_CLIENT_S_DN_L',
		11 = 'SSL_CLIENT_S_DN_O',
		12 = 'SSL_CLIENT_S_DN_OU',
		13 = 'SSL_CLIENT_S_DN_CN',
		14 = 'SSL_CLIENT_S_DN_T',
		15 = 'SSL_CLIENT_S_DN_I',
		16 = 'SSL_CLIENT_S_DN_G',
		17 = 'SSL_CLIENT_S_DN_S',
		18 = 'SSL_CLIENT_S_DN_D',
		19 = 'SSL_CLIENT_S_DN_UID',
		   );

sub rewrite {
	my ($r, $line, $uri) = @_;

	my ($exp, $rule) = split (/=/, $line);

	$rule =~ s/\s*//g;
	$exp =~ s/\s*//g;

	$line =~ /\[([A-Z0-9]+)\]/;
	my ($cond) = $1;
	return unless ($rule and $exp and ($$uri.($r-args ? ?.$r-args : )) =~ /$exp/x);
	return if ($cond =~ /,NOCERT$/ and $r-ssl_lookup('SSL_CLIENT_M_SERIAL'));
	return if ($cond eq H or $cond eq MH or $cond eq F or $cond eq UH or $cond eq L or $cond eq RH or $cond eq HL or $cond eq HP);

	$rule =~ s/\[$cond\]//;
	$cond =~ s/,NOCERT$//;

	if ($cond =~ /([0-9]+)/) {
		$r-status($1);
		return $1;
	}

	if ($$uri =~ /$exp/x) { # Load $1 $2
		$$uri = eval \$rule\;
	}
	return $cond;
}


sub rewrite_uri { # Fonction de reécriture d'url pour étre valide depuis internet
   my ($r, $app, $uri, $real_post_url, $log) = @_;

	if ($uri !~ /^(http|https):\/\/(.*)/ ) {
		my $rewrite_uri2 = APR::URI-parse($r-pool, $real_post_url);
		my $path = $rewrite_uri2-path();
		if ($uri =~ /^\/(.*)/) {
			$rewrite_uri2-hostname($app-{'name'});
			$rewrite_uri2-path($uri);
		}
		else {
			$path =~ s/[^\/]+$/$uri/g;
			$rewrite_uri2-path($path);	
		}
	$uri = $rewrite_uri2-unparse;
   }
   my $rewrite_uri = APR::URI-parse($r-pool, $uri);
   $rewrite_uri-hostname($app-{'name'});
   $rewrite_uri-scheme('http');
   $rewrite_uri-scheme('https') if $r-is_https;
   $rewrite_uri-port($r-connection-local_addr-port);
   return $rewrite_uri-unparse;
} 

sub handler {
	my $r = Apache::SSLLookup-new(shift);

	my $uri = $r-uri;
	my $server;
	my $dbh = DBI-connect($r-dir_config('VultureDSN'));
	my $log = $r-server-log;

	my $vulture_portail = 0;
	my $vulture_portail_uri = 0;


	if ($r-unparsed_uri =~ /static\/(.*)/) {
		$log-debug(Serving $1);
		$r-filename(/var/www/vulture/conf/static/$1);
		return Apache2::Const::OK;
	}

	my $app = get_app($log, $r-hostname, $dbh, $r-dir_config('VultureID')) if ($r-unparsed_uri !~ /vulture_app/ and $r-unparsed_uri !~ /vulture_logout/);

	if ($app and $app-{up}) {
		my ($id) = get_cookie($r-headers_in-{Cookie}, 'vulture_app=([^;]*)') if ($app-{auth});
		my ($vulture_portail) = get_cookie($r-headers_in-{Cookie}, 'vulture_portail=([^;]*)');

		my %session;
		my %session_referer;
		session(\%session, $app-{timeout}, $id) if ($id);

		if ($r-unparsed_uri =~ /vultureportail=(.*)/) {
			my ($vulture_portail_uri) = $1;
		}

		#Si il y a quelque chose dans cette variable c'est qu'il faut repasser pas le ResponseHandler.pm
		if ($session{reponse}) {
			return Apache2::Const::OK;
		}
		if (($session{_session_id} and $session{post}) or !$app-{'auth'}) {
			$r-user($session{user});
			my $sth = $dbh-prepare(SELECT var, value, type FROM headers, app WHERE id_app='.$app-{id}.'

Re: [SOGo] SSO using vulture

2011-06-09 Thread Fabrice Durand 
Try with this TransHandler.pm and be sure that Follow the post return in
your app is desactivate

Regards

Le 9 juin 2011 08:16, Sébastien Posé sebastien.p...@ac-reunion.fr a écrit
:

 Le 08/06/2011 18:30, Fabrice Durand a écrit :

 Hi, what a coincidence,
 Yesterday I fixed this problem between Sogo and vulture.
 Which version of vulture do you use and can you send me the
 TransHandler.pm file, I make you a patch.

 Regards
 Fabrice Durand

 Le 8 juin 2011 14:34, Sébastien Posé sebastien.p...@ac-reunion.fr
 mailto:sebastien.p...@ac-reunion.fr a écrit :


Hi,

I'm trying to use sogo throw vulture. I would like vulture
authenticates my users by sending their login and password to the
sogo's connection page (SSO feature).

I'm able to authenticate users but they are redirected to
/SOGo/connect and got:
{grace: -1, expire: -1}

If I remove /connect and refresh, I'm redirected to
/SOGo/so/sebastien.pose/Mail/view and everything is ok.

Has anyone encountered a similar problem?

Thanks.
--
Sébastien Posé
Division des Services Informatiques
Rectorat de la Réunion
--
users@sogo.nu mailto:users@sogo.nu

https://inverse.ca/sogo/lists



 Hi,

 I'm using vulture 1.99

 Thank you.


 --
 Sébastien Posé
 Division des Services Informatiques
 Rectorat de la Réunion
 --
 users@sogo.nu
 https://inverse.ca/sogo/lists



TransHandler.pm
Description: Binary data

Re: [SOGo] SSO using vulture

2011-06-09 Thread Sébastien Posé 

Le 09/06/2011 10:23, Fabrice Durand a écrit :

Try with this TransHandler.pm and be sure that Follow the post return
in your app is desactivate

Regards

Le 9 juin 2011 08:16, Sébastien Posé sebastien.p...@ac-reunion.fr
mailto:sebastien.p...@ac-reunion.fr a écrit :

Le 08/06/2011 18:30, Fabrice Durand a écrit :

Hi, what a coincidence,
Yesterday I fixed this problem between Sogo and vulture.
Which version of vulture do you use and can you send me the
TransHandler.pm file, I make you a patch.

Regards
Fabrice Durand

Le 8 juin 2011 14:34, Sébastien Posé
sebastien.p...@ac-reunion.fr mailto:sebastien.p...@ac-reunion.fr
mailto:sebastien.p...@ac-reunion.fr
mailto:sebastien.p...@ac-reunion.fr a écrit :


Hi,

I'm trying to use sogo throw vulture. I would like vulture
authenticates my users by sending their login and password
to the
sogo's connection page (SSO feature).

I'm able to authenticate users but they are redirected to
/SOGo/connect and got:
{grace: -1, expire: -1}

If I remove /connect and refresh, I'm redirected to
/SOGo/so/sebastien.pose/Mail/view and everything is ok.

Has anyone encountered a similar problem?

Thanks.
--
Sébastien Posé
Division des Services Informatiques
Rectorat de la Réunion
--
users@sogo.nu mailto:users@sogo.nu mailto:users@sogo.nu
mailto:users@sogo.nu

https://inverse.ca/sogo/lists



Hi,

I'm using vulture 1.99

Thank you.


--
Sébastien Posé
Division des Services Informatiques
Rectorat de la Réunion
--
users@sogo.nu mailto:users@sogo.nu
https://inverse.ca/sogo/lists




It works like a charm.

Thank you.

--
Sébastien Posé
Division des Services Informatiques
Rectorat de la Réunion
--
users@sogo.nu
https://inverse.ca/sogo/lists

[SOGo] SSO using vulture

2011-06-08 Thread Sébastien Posé 

Hi,

I'm trying to use sogo throw vulture. I would like vulture authenticates 
my users by sending their login and password to the sogo's connection 
page (SSO feature).


I'm able to authenticate users but they are redirected to /SOGo/connect 
and got:

{grace: -1, expire: -1}

If I remove /connect and refresh, I'm redirected to 
/SOGo/so/sebastien.pose/Mail/view and everything is ok.


Has anyone encountered a similar problem?

Thanks.
--
Sébastien Posé
Division des Services Informatiques
Rectorat de la Réunion
--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] SSO using vulture

2011-06-08 Thread Fabrice Durand 
Hi, what a coincidence,
Yesterday I fixed this problem between Sogo and vulture.
Which version of vulture do you use and can you send me the
TransHandler.pmfile,
I make you a patch.

Regards
Fabrice Durand

Le 8 juin 2011 14:34, Sébastien Posé sebastien.p...@ac-reunion.fr a écrit
:

 Hi,

 I'm trying to use sogo throw vulture. I would like vulture authenticates my
 users by sending their login and password to the sogo's connection page (SSO
 feature).

 I'm able to authenticate users but they are redirected to /SOGo/connect and
 got:
 {grace: -1, expire: -1}

 If I remove /connect and refresh, I'm redirected to
 /SOGo/so/sebastien.pose/Mail/view and everything is ok.

 Has anyone encountered a similar problem?

 Thanks.
 --
 Sébastien Posé
 Division des Services Informatiques
 Rectorat de la Réunion
 --
 users@sogo.nu
 https://inverse.ca/sogo/lists

-- 
users@sogo.nu
https://inverse.ca/sogo/lists