Hi Mikael,

If you want to authenticate with CAS you only need to configure Apache
to use mod_auth_cas (see
https://wiki.jasig.org/display/CASC/mod_auth_cas) .

When you have that set up you then can simply use the BasicAuth
authentication for OTRS. We have multiple customers that are using
this with good results. There's nothing that you should need to hack
in OTRS for this.

If you want you can contact us for commercial support.
--
Michiel Beijen
Senior Consultant

OTRS BV
Schipholweg 103
2316 XC Leiden
The Netherlands

T: +31 71 8200 255
F: +31 71 8200 254
I: http://www.otrs.com

Increase efficiency up to 30% - get OTRS Help Desk 3.0:
http://www.otrs.com/

Ticket History

Hello,

I have setup otrs 3.0.5 with single sign on based on apache and mod_cas.

As this could be a problem when having different authentication scenarios
for agents and customers, I have tried to setup a CAS auth module by
copy/pasting code snippets here and there (I don't know perl...). I think
I'm almost there but I have an annoying bug I'm asking help for now.

I have created a CAS.pm file in /opt/otrs/Kernel/System/CustomerAuth

====
use CGI;
use AuthCAS;
use CGI;
use CGI::Carp qw( fatalsToBrowser );

...

sub Auth {
my ( $Self, %Param ) = @_;

my $cas = new AuthCAS(casUrl => 'https://sso.paris.iufm.fr/cas');
my $app_url = 'http://support.paris.iufm.fr/otrs/customer.pl';

unless ($ENV{QUERY_STRING} =~ /ticket=/) {
###
### Redirect the User for login at CAS
###
my $login_url = $cas-&g t;getServerLoginURL($app_url);
printf "Location: $login_url\n\n";
exit 0;
}

$ENV{QUERY_STRING} =~ /ticket=([^&]+)/; my $ST = $1;
my $User = $cas->validateST($app_url, $ST);
# return user
return $User;
}
============

The problem is with the line "unless ($ENV{QUERY_STRING} =~ /ticket=/) {".
It seems the $ENV{QUERY_STRING} is empty (not tested but I end in an
infinite loop, due to falling in this condition evrytime)

Would somebody have an idea about how to fix this check ?

Regards,

--
Mikael Kermorgant