Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Redirect loop when using CAS sign in #134

Open
paszczus opened this issue Sep 21, 2023 · 9 comments
Open

Redirect loop when using CAS sign in #134

paszczus opened this issue Sep 21, 2023 · 9 comments

Comments

@paszczus
Copy link

paszczus commented Sep 21, 2023
edited
Loading

Hello,
We are trying to use an authorizer on a multisite setup, and after setting it up, it redirects us to the CAS server. After a successful login, we end up in an endless loop. What can cause this problem?
This happens when using a Proxy and the SAML 1.1 protocol. After switching to CAS 2.0/3.0, after login, it immediately logs out from CAS.
Version 3.6.3.1, WordPress 6.3.1.
@figureone
Copy link
Member

Thanks for the report, we'll see if we can reproduce. Might be an issue with using a proxy, we don't use that configuration. We may have to add another plugin option to support proxy config.

@figureone
Copy link
Member

Also can you confirm that the Authorizer Setting "CAS server method" is set to Proxy instead of Client?

@figureone
Copy link
Member

One more question, do you have any other plugins or hooks that affect the login flow or move the wp-login.php endpoint?

@StevieDrew
Copy link

Hi,

I'm encountering the same issue. I am using a client with CAS 3.0 protocol.

@pkarjala pkarjala mentioned this issue Nov 9, 2023
Closed
@pkarjala
Copy link
Collaborator

pkarjala commented Nov 9, 2023

@StevieDrew Are you using a proxy in your setup? Trying to narrow down some of the possible causes of the issue.

@paszczus Do you have any additional information as requested by figurone?

@StevieDrew
Copy link

Hi @pkarjala No proxy, just a client setup.

@pkarjala
Copy link
Collaborator

pkarjala commented Nov 9, 2023

OK; do you happen to have any logs showing errors or additional information when the redirect loop is occurring?

@Rushtard
Copy link

Hi,
I have a similar issue, my CAS server is correctly configured, but facing an issue:

[Fri Jan 26 13:14:56.238104 2024] [php:notice] [pid 90654] [client xxx.xxx.xxx.xxx:52692] CAS server returned an Authe ntication Exception. Details:
[Fri Jan 26 13:14:56.240792 2024] [php:notice] [pid 90654] [client xxx.xxx.xxx.xxx:52692] CAS URL: https://auth.xxxxxxxxx.fr/sso/serviceValidate?service=http%3A%2F%2Fxxxxxxxxx.fr%2Fwordpress%2Fwp-login.php%3Fexter nal%3Dcas&ticket=ST-authxxxxxxxxxfr-bb3ad1695e83e23907991a2926eaa0c9c6638e046f0e74af1e09bbad\nAuthenticatio n failure: Ticket not validated\nReason: no response from the CAS server

No problem with similar CAS plugins for other services (nextcloud and limesurvey)
running wordpress 6.3.2 on php 8.1

@figureone
Copy link
Member

@Rushtard the "no response from the CAS server" message sounds like a network issue, can you verify that the WordPress site can reach the CAS server? The Authorizer settings page will try to warn you if the server is unreachable:
Screenshot 2024-02-01 at 11 39 32 AM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@figureone @paszczus @pkarjala @Rushtard @StevieDrew