Ticket #192 (closed defect: fixed)

Opened 6 years ago

Last modified 5 years ago

Anonymous access to topaz not possible when Fedora is CAS protected

Reported by: ronald Assigned to: pradeep
Priority: unassigned Milestone:
Component: topaz Version: 0.5-SNAPSHOT
Keywords: CAS Cc:
Blocking: Blocked By:

Description

Steve wrote:

Also, when CAS is enabled and user is not yet logged in (i.e. it is just some anonymous user browsing the site), what type of service and I expected to create: UnProtectedService, PasswordProtectedService? The problem is, I can't create the CASProtectedService cause there is no PGT-IOU. But I don't create a CAS service, the Topaz->Fedora communication fails since there is no PGT-IOU. What is the expected way to handle this?

I.e the situation is: Fedora is CAS protected, and so is Topaz. Hence Topaz uses CASProtectedService to access Fedora, but that throws an exception (line 143) if no receipt is present, thereby preventing all anonymous access.

Looking at the history, it looks like this used to work before [482].

Dependency Graph

Change History

10/16/06 19:33:23 changed by pradeep

(In [800]) If no CASReceipt is available, CASProtectedService behaves like an UnProtectedService?. Addresses #192.

10/16/06 19:55:02 changed by pradeep

This is only correctly fixable if fedora has soap-rpc method level authentication. Note that the same will be true if we were chaining Topaz services. So in the short term the only guaranteed work around is to use BASIC auth for accessing fedora. ie. CAS proxy chain stops at Topaz.

10/20/06 17:29:37 changed by ebrown

  • milestone changed from TBD to november6.

11/17/06 12:39:52 changed by amit

  • status changed from new to closed.
  • resolution set to fixed.

Done.

10/29/07 21:12:54 changed by

  • milestone deleted.

Milestone november6 deleted