CoreCommunity ExtensionsDistributionsFeature-RequestsTYPO3 6.2 Projects (+)(Archived Projects)

Bug #64018

Lost logged in status when switching page - ig_ldap_sso

Added by layen julian 7 months ago. Updated 6 months ago.

Status:Closed Start date:2014-12-22
Priority:Should have Due date:
Assigned To:- % Done:

100%

Category:-
Target version:-
TYPO3 Version:

Description

Hi there.

So were are trying to implement an autologin feature in one of our projects using the ig_ldap_sso_auth extension (v1.3)
So far, everything is working correctly when going to the login page and entering our credentials.
We get a redirect to the CAS login page which, in turns, logs us in and redirects us to Typo3.

The problem is that, when switching page after being logged in, we loose the logged in status right away.

Here are various problems:

- I tried to play with the dontSetCookies = FALSE and forceSetCookies values in '/typo3conf/ext/ig_ldap_sso_auth/pi1/class.tx_igldapssoauth_pi1.php'

It seems like we are never able to create a cookie. Even right away after the log in, in the page that displays that we are effectively connected, no cookie is created.
Is the cookie the culprit here or should it work anyway without cookie, only with sessions.

- Once ig_ldap_sso is installed, we are no longer able to log in through a regular fe_login form.

Similar bugs: (can't post links )
bug #57751
bug #61287 (Not so similar, but anyway.)

- From the similar bugs we found on the forge, we tried the following:
$fe_user = $GLOBALS['TSFE']->fe_user;
$fe_user->createUserSession(array('uid' => $feuser['uid']));
$fe_user->storeSessionData();
$fe_user->user = $fe_user->getRawUserByUid($feuser['uid']);
$fe_user->fetchGroupData();
$GLOBALS['TSFE']->loginUser = 1;

-> Still no cookie at all

Help would be greatly appreciated.

Regards,


Related issues

related to Core - Bug #57751: Felogin session not set Resolved 2014-04-08

History

#1 Updated by Xavier Perseguers 7 months ago

Hi,

So were are trying to implement an autologin feature in one of our projects using the ig_ldap_sso_auth extension (v1.3)
So far, everything is working correctly when going to the login page and entering our credentials.
We get a redirect to the CAS login page which, in turns, logs us in and redirects us to Typo3.

The problem is that, when switching page after being logged in, we loose the logged in status right away.

Cannot say if it is related to CAS (not supported anymore) or not but it does not seem to be related to this extension.

- Once ig_ldap_sso is installed, we are no longer able to log in through a regular fe_login form.

Did you authorize fallback to TYPO3 login in EM? If not then only LDAP records are checked.

#2 Updated by layen julian 7 months ago

Hi,

Yes, I do authorize CAS connexion and basic connexion, but the problem persists.

I don't find an exemple of autologin for TYPO3 6.2.X. Perhaps the autologin's method changed with TYPO3 6.2.X.

After calling $fe_user->createUserSession my session is created, but just in the current page.

#3 Updated by Xavier Perseguers 7 months ago

Problem of autologin in 6.2 could be inspired by how Kerberos SSO was implemented, using an authentication service: https://git.typo3.org/TYPO3CMS/Extensions/igLdapSsoAuth.git/commitdiff/a8b6b313d892a8151ad793c10a43840bc33b82e9

Basically you just have to return a TYPO3 user array without worrying about invoking $fe_user->createUserSession or the rest.

Still, this does not look like an actual bug in ig_ldap_sso_auth since you are trying to implement CAS authentication and not simply use this extension as this.

#4 Updated by layen julian 7 months ago

Hi,

I test your code.

Thanks a lot.

#5 Updated by layen julian 7 months ago

  • % Done changed from 0 to 100

Hi,

The problem was caused by Varnish. Indeed Varnish disable CAS cookies.

Solution : https://www.varnish-cache.org/trac/wiki/VCLExampleCacheCookies

Thanks.

#6 Updated by Xavier Perseguers 6 months ago

  • Status changed from New to Closed

Also available in: Atom PDF