[otrs] [Ticket #5488] CAS single sign on with perl authcas module

KIRAN IT kiran1432u at gmail.com
Sun Jul 3 18:51:37 GMT 2011

This is a notification from the Help Desk.

On Jul 04, 2011 @ 12:21 am, noreply at tamay-dogan.net wrote:
WARNING:  This is an automated message after you send out over
          100 unsolicited messages to my account and others.

Stop your customers spaming ME, my Mailinglists and my Mailservers,
and any other users of <otrs at otrs.org>. by your crap service!
We have nothing to do with YOUR Ticket-System!


>From root  Sun Jul  3 20:51:11 2011
Return-Path: <otrs-bounces at otrs.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.tamay-dogan.net
X-Spam-Status: No, score=0.0 required=5.0 tests=FREEMAIL_FROM,HTML_MESSAGE,
	autolearn=ham version=3.3.1
Delivered-To: a-linux.ml4michelle at tamay-dogan.net
Received: from lusen.otrs.org (lusen.otrs.org [::ffff:])
  by mail.tamay-dogan.net with esmtp; Sun, 03 Jul 2011 20:50:32 +0200
  id 00001F45.4E10B9F8.00005BA5
Received: from lusen.otrs.org (localhost [])
	by lusen.otrs.org (Postfix) with ESMTP id 68312564DF;
	Sun,  3 Jul 2011 18:50:46 +0000 (GMT)
X-Original-To: otrs-otrs at lusen.otrs.org
Delivered-To: otrs-otrs at lusen.otrs.org
Received: from mail.otrs.com (osser.otrs.com [])
	by lusen.otrs.org (Postfix) with ESMTP id C29FE564DA
	for <otrs-otrs at lusen.otrs.org>; Sun,  3 Jul 2011 18:50:45 +0000 (GMT)
Received: from localhost (localhost [])
	by mail.otrs.com (Postfix) with ESMTP id 215B6EE095
	for <otrs-otrs at lusen.otrs.org>; Sun,  3 Jul 2011 20:50:27 +0200 (CEST)
Received: from mail.otrs.com ([])
	by localhost (osser.otrs.com []) (amavisd-new, port 10024)
	with ESMTP id 03014-06 for <otrs-otrs at lusen.otrs.org>;
	Sun,  3 Jul 2011 20:50:24 +0200 (CEST)
Received: from mail-pv0-f182.google.com (mail-pv0-f182.google.com
	[]) (using TLSv1 with cipher RC4-SHA (128/128 bits))
	(No client certificate requested)
	by mail.otrs.com (Postfix) with ESMTP id 13E9CEBA39
	for <otrs at otrs.org>; Sun,  3 Jul 2011 20:50:22 +0200 (CEST)
Received: by pvg11 with SMTP id 11so5525714pvg.13
	for <otrs at otrs.org>; Sun, 03 Jul 2011 11:50:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
Received: by with SMTP id u27mr2612811wfc.2.1309719019138;
	Sun, 03 Jul 2011 11:50:19 -0700 (PDT)
Received: from  ([])
	by mx.google.com with ESMTPS id x1sm3432167pbb.18.2011.
	(version=TLSv1/SSLv3 cipher=OTHER);
	Sun, 03 Jul 2011 11:50:18 -0700 (PDT)
Date: Mon, 04 Jul 2011 00:17:06 +0530
From: KIRAN IT <kiran1432u at gmail.com>
To: otrs at otrs.org
Message-ID: <4e10b92aebda5_1984cae7b27436849 at itsupport.mail>
Mime-Version: 1.0
Content-Type: multipart/mixed;
Content-Transfer-Encoding: 7bit
Subject: [otrs] [Ticket #5488] CAS single sign on with perl authcas module
X-BeenThere: otrs at otrs.org
X-Mailman-Version: 2.1.11
Precedence: list
Reply-To: "User questions and discussions about OTRS." <otrs at otrs.org>
List-Id: "User questions and discussions about OTRS." <otrs.otrs.org>
List-Unsubscribe: <http://lists.otrs.org/cgi-bin/options/otrs>,
	<mailto:otrs-request at otrs.org?subject=unsubscribe>
List-Archive: <http://lists.otrs.org/pipermail/otrs>
List-Post: <mailto:otrs at otrs.org>
List-Help: <mailto:otrs-request at otrs.org?subject=help>
List-Subscribe: <http://lists.otrs.org/cgi-bin/listinfo/otrs>,
	<mailto:otrs-request at otrs.org?subject=subscribe>
Sender: otrs-bounces at otrs.org
Errors-To: otrs-bounces at otrs.org
X-TDMailSerialnumber: 10752516

Date: Mon, 04 Jul 2011 00:17:06 +0530
Mime-Version: 1.0
Content-Type: multipart/alternative;
Content-Transfer-Encoding: 7bit
Content-ID: <4e10b92aebda5_1984cae7b274367b at itsupport.mail>

Date: Mon, 04 Jul 2011 00:17:06 +0530
Mime-Version: 1.0
Content-Type: text/plain;
Content-Transfer-Encoding: 7bit
Content-ID: <4e10b92ae809d_1984cae7b27436590 at itsupport.mail>

This is a notification from the Help Desk.

==Ticket History==

On Jul 04, 2011 @ 12:16 am, michiel.beijen at otrs.com wrote:
Hi Mikael,

If you want to authenticate with CAS you only need to configure Apache
to use mod_auth_cas (see
https://wiki.jasig.org/display/CASC/mod_auth_cas) .

When you have that set up you then can simply use the BasicAuth
authentication for OTRS. We have multiple customers that are using
this with good results. There's nothing that you should need to hack
in OTRS for this.

If you want you can contact us for commercial support.
Michiel Beijen
Senior Consultant

Schipholweg 103
2316 XC  Leiden
The Netherlands

T: +31 71 8200 255
F: +31 71 8200 254
I:  http://www.otrs.com

Increase efficiency up to 30% - get OTRS Help Desk 3.0:

On Jul 03, 2011 @ 03:31 am, mikael.kermorgant at gmail.com wrote:

I have setup otrs 3.0.5 with single sign on based on apache and mod_cas.

As this could be a problem when having different authentication scenarios
for agents and customers, I have tried to setup a CAS auth module by
copy/pasting code snippets here and there (I don't know perl...). I think
I'm almost there but I have an annoying bug I'm asking help for now.

I have created a CAS.pm file in  /opt/otrs/Kernel/System/CustomerAuth

use CGI;
use AuthCAS;
use CGI;
use CGI::Carp qw( fatalsToBrowser );


sub Auth {
    my ( $Self, %Param ) = @_;

    my $cas = new AuthCAS(casUrl => 'https://sso.paris.iufm.fr/cas');
    my $app_url = 'http://support.paris.iufm.fr/otrs/customer.pl';

    unless ($ENV{QUERY_STRING} =~ /ticket=/) {
    ### Redirect the User for login at CAS
      my $login_url = $cas->getServerLoginURL($app_url);
      printf "Location: $login_url\n\n";
      exit 0;

    $ENV{QUERY_STRING} =~ /ticket=([^&]+)/; my $ST = $1;
    my $User = $cas->validateST($app_url, $ST);
    # return user
    return $User;

The problem is with the line "unless ($ENV{QUERY_STRING} =~ /ticket=/) {".
It seems the $ENV{QUERY_STRING} is empty (not tested but I end in an
infinite loop, due to falling in this condition evrytime)

Would somebody have an idea about how to fix this check ?


Mikael Kermorgant

This is an automated response.  Your issue has been noted.  We'll be in touch soon.

Please reply to this email or visit the URL below with any additional details.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.otrs.org/pipermail/otrs/attachments/20110704/1e1090d4/attachment-0001.html>

More information about the otrs mailing list