CAS Auth redirect loop

[Bruno de Oliva Bemfica]

Hi again, everyone. Does anyone know why a CAS auth could be entering a loop redirect?

--
Bruno de Oliva Bemfica
Engenheiro de Software
MSN: brunoc...@live.com
Mobile: +55 11 8457-0978
http://www.devfranca.com.br
http://www.brunobemfica.net
http://www.codigofree.net

[Bruno de Oliva Bemfica]

Anyone? The app is entering a redirecting loop everytime I try to authenticate...

2011/8/17 Bruno de Oliva Bemfica <brunob...@gmail.com>

[Anthony]

Can you show some minimal code that reproduces the problem?

[Bruno de Oliva Bemfica]

Everytime I click the login button, I receive a message from firefox/chrome with a 310 error(too_many_redirects) telling me to delete the cookies
or allow third-party cookies. I have an app called "login"(the CAS Server) and another one called "ControleDeAtivos"(which should use the other app as a cas provider). Everything's going fine on the client app. When I click the "login" link(on the menu), I'm redirected to the cas server app login page,and after click the submit button, the browser shows the message. The URL showing on browser is this: http://172.16.7.10:8000/ControleDeAtivos/default/user/login?_next=%2FControleDeAtivos%2Fdefault%2Findex

The db.py file is attached.

2011/8/17 Anthony <abas...@gmail.com>

[Anthony]

Hmm, it appears to have something to do with the fact that you've got a custom auth_user table, but I can't figure out what. Maybe Massimo can help.

 

Anthony

On Wednesday, August 17, 2011 4:19:58 PM UTC-4, Bruno Codeman wrote:

Everytime I click the login button, I receive a message from firefox/chrome with a 310 error(too_many_redirects) telling me to delete the cookies
or allow third-party cookies. I have an app called "login"(the CAS Server) and another one called "ControleDeAtivos"(which should use the other app as a cas provider). Everything's going fine on the client app. When I click the "login" link(on the menu), I'm redirected to the cas server app login page,and after click the submit button, the browser shows the message. The URL showing on browser is this: http://172.16.7.10:8000/ControleDeAtivos/default/user/login?_next=%2FControleDeAtivos%2Fdefault%2Findex

The db.py file is attached.

2011/8/17 Anthony <abas...@gmail.com>

Can you show some minimal code that reproduces the problem?

On Wednesday, August 17, 2011 3:56:32 PM UTC-4, Bruno Codeman wrote:

Anyone? The app is entering a redirecting loop everytime I try to authenticate...

2011/8/17 Bruno de Oliva Bemfica <brun...@gmail.com>

Hi again, everyone. Does anyone know why a CAS auth could be entering a loop redirect?

--
Bruno de Oliva Bemfica
Engenheiro de Software

MSN: brun...@live.com

Mobile: +55 11 8457-0978
http://www.devfranca.com.br
http://www.brunobemfica.net
http://www.codigofree.net

--
Bruno de Oliva Bemfica
Engenheiro de Software

MSN: brun...@live.com

Mobile: +55 11 8457-0978
http://www.devfranca.com.br
http://www.brunobemfica.net
http://www.codigofree.net

[Bruno de Oliva Bemfica]

Thanks for your answer, Anthony. I fixed the problem returnin form = auth.login() on the controller, instead of form = auth(). But now, a new problem appeared: The client apps access the CAS server and after the login screen, they're redirected to the CAS app index page, instead of being redirected to the client URL. And, if I try to access the client app page again, the client app tries to authenticate again. It doesn't seem to be authenticated.

2011/8/17 Anthony <abas...@gmail.com>

[Anthony]

I'm not sure about this. Maybe submit a ticket on Google Code: http://code.google.com/p/web2py/issues/list

On Thursday, August 18, 2011 8:25:36 AM UTC-4, Bruno Codeman wrote:

Thanks for your answer, Anthony. I fixed the problem returnin form = auth.login() on the controller, instead of form = auth(). But now, a new problem appeared: The client apps access the CAS server and after the login screen, they're redirected to the CAS app index page, instead of being redirected to the client URL. And, if I try to access the client app page again, the client app tries to authenticate again. It doesn't seem to be authenticated.

2011/8/17 Anthony <abas...@gmail.com>

Hmm, it appears to have something to do with the fact that you've got a custom auth_user table, but I can't figure out what. Maybe Massimo can help.

 

Anthony

On Wednesday, August 17, 2011 4:19:58 PM UTC-4, Bruno Codeman wrote:

Everytime I click the login button, I receive a message from firefox/chrome with a 310 error(too_many_redirects) telling me to delete the cookies
or allow third-party cookies. I have an app called "login"(the CAS Server) and another one called "ControleDeAtivos"(which should use the other app as a cas provider). Everything's going fine on the client app. When I click the "login" link(on the menu), I'm redirected to the cas server app login page,and after click the submit button, the browser shows the message. The URL showing on browser is this: http://172.16.7.10:8000/ControleDeAtivos/default/user/login?_next=%2FControleDeAtivos%2Fdefault%2Findex

The db.py file is attached.

2011/8/17 Anthony <aba...@gmail.com>

Can you show some minimal code that reproduces the problem?

On Wednesday, August 17, 2011 3:56:32 PM UTC-4, Bruno Codeman wrote:

Anyone? The app is entering a redirecting loop everytime I try to authenticate...

2011/8/17 Bruno de Oliva Bemfica <bru...@gmail.com>

Hi again, everyone. Does anyone know why a CAS auth could be entering a loop redirect?

--
Bruno de Oliva Bemfica
Engenheiro de Software

MSN: bru...@live.com

Mobile: +55 11 8457-0978
http://www.devfranca.com.br
http://www.brunobemfica.net
http://www.codigofree.net

--
Bruno de Oliva Bemfica
Engenheiro de Software

MSN: bru...@live.com

Mobile: +55 11 8457-0978
http://www.devfranca.com.br
http://www.brunobemfica.net
http://www.codigofree.net

--
Bruno de Oliva Bemfica
Engenheiro de Software
MSN: brun...@live.com
Mobile: +55 11 8457-0978
http://www.devfranca.com.br
http://www.brunobemfica.net
http://www.codigofree.net

[Bruno Rocha]

I ran in the same problem, I figured out that using custom auth tables in provider app make the client app to run in infinite loop. I also tried to include 'username' field to the custom Auth table but did not solve the problem.

My custom Auth Table

https://gist.github.com/1172687 ( I tried with username = True, but did not works)

then in the client app i have

auth = Auth(db,hmac_key=Auth.get_or_create_key(),cas_provider='http://0.0.0.0:8000/tutor/default/user/cas') 

from gluon.contrib.login_methods.cas_auth import CasAuth

auth.settings.login_form=CasAuth(globals(), urlbase = "http://0.0.0.0:8000/tutor/default/user/cas", actions=['login', 'validate', 'logout'])

I got this as url:

http://0.0.0.0:8000/tutor/default/user/cas/login?service=http://0.0.0.0:8000/client/default/user/login

and the browser error:

This webpage has a redirect loop

The webpage at http://0.0.0.0:8000/tutor/default/user/cas/login?service=http://0.0.0.0:8000/client/default/user/login has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.

It is strange because I already use CAS in another apps, but this apps has default auth table and runs very well, I also created an adapter to bring groups and permissions from provider to client and stores in a kind of cache.

The problem seems to be when using custom auth tables.

Any clue?

[Anthony]

Yes, I even created a custom table by copying the exact auth_user table from Auth.define_tables, and it still generated the redirect loop, so it doesn't appear to have anything to do with the particular fields or definition of the auth_user table -- just the fact that it is defined outside of define_tables(). It wasn't clear what was causing the loop in that case.

Anthony

[Bruno Rocha]

May be this url? http://0.0.0.0:8000/tutor/default/user/cas/login?service=http://0.0.0.0:8000/client/default/user/login

always redirect to /login

--

--

Bruno Rocha

[ About me: http://zerp.ly/rochacbruno ]

[ Aprenda a programar: http://CursoDePython.com.br ]

[ O seu aliado nos cuidados com os animais: http://AnimalSystem.com.br ]

[ Consultoria em desenvolvimento web: http://www.blouweb.com ]

[Bruno Rocha]

Anthony, as your code looks more compact, an you open an issue? and link your example code? ( I would do it but my code is too large to paste in)

On Fri, Aug 26, 2011 at 1:44 AM, Anthony <abas...@gmail.com> wrote:

[Bruno Rocha]

Bump!

Any news about it?

I tried to change almost everything, but still enters in redirect loop..

[Jay]

The only comment I have is that there may be problem in the code at
redirect. Raising an exception in redirect does not seem to work. I
would look there.
My $.02.

Jay

[Bruno Codeman]

Any news about it?

[H. Das]

I have the same problem too. I'm using custom auth_user table, as well as a custom decorator. After a new user registration, the browser returns a 310 error. I have to remove this custom decorator from every controller function for the problem to disappear during new registrations. This is very frustrating. Please help.

[Mirko]

Hi all,

being on a LAN and behind a proxy, I solved this with:

export https_proxy=""
export http_proxy=""

(on a linux box)

Cas auth is working like a charm after that :)

Hope it helps, 

Mirko

[علی پیشکاری‎]

I have the same problem. 

I just created an empty mvc application. I cal  redirect to cas login page but after loginig lopp error has occured