View Issue Details

IDProjectCategoryView StatusLast Update
0001456SOGoBackend Generalpublic2017-03-01 11:22
Reporterjmkjfc Assigned Toludovic  
PrioritynormalSeveritymajorReproducibilityalways
Status resolvedResolutionfixed 
Product Version1.3.8a 
Fixed in Version3.2.8 
Summary0001456: CAS Authentication : CAS session timeout leads to bad parameters when adding a new appointment
Description

Context : sogo + CAS authntication

Problem : when adding a new appointment we sometime create an event with bad parameters.
Step to reproduce : connect to sogo
add a newx appointment
wait some minute (or tryto play with free-busy)
save the appointment
Added event is created with bad start/end date

Uploaded patch (fake sogo request before real POST submission) should correct this behavior

Additional Information

Maybe important : we are in a calendar only configuration without mail GUI.

Explanation :

+)Sogo needs to revalidate the service tcket if the user does not create the event quickly enough.
+) Sogo redirects the browser towards the cas service
+) Event creation is done through a POST request and the POST parameters are lost when the control come back to SOGo after tickezt validation.

TagsNo tags attached.

Relationships

related to 0002425 resolvedludovic Invalid "no recipient" warning when sending mail with CAS authentication 

Activities

2011-10-06 05:31

 

sogo-cas.diff (2,865 bytes)   
Index: usr/lib/GNUstep/SOGo/WebServerResources/generic.js
===================================================================
--- usr/lib/GNUstep/SOGo/WebServerResources/generic.js	(.../trunk)	(révision 11)
+++ usr/lib/GNUstep/SOGo/WebServerResources/generic.js	(.../tags/v1.3.8.b1)	(révision 11)
@@ -258,6 +258,24 @@
     document.body.appendChild(newIFrame);
 }
 
+
+function createCASRecoveryIFrame2(url) {
+
+	var mareq = new XMLHttpRequest();    
+    var urlstr = UserFolderURL;
+    if (!urlstr.endsWith('/'))
+        urlstr += '/';
+    urlstr += "recover";
+
+    var newIFrame = createElement("iframe", null, "hidden",
+                                  { src: urlstr });
+    newIFrame.request = mareq.open("GET", url, false);
+    newIFrame.observe("load", onCASRecoverIFrameLoaded);
+    document.body.appendChild(newIFrame);
+}
+
+
+
 function onCASRecoverIFrameLoaded(event) {
     if (this.request) {
         var request = this.request;
Index: usr/lib/GNUstep/SOGo/WebServerResources/UIxTaskEditor.js
===================================================================
--- usr/lib/GNUstep/SOGo/WebServerResources/UIxTaskEditor.js	(.../trunk)	(révision 11)
+++ usr/lib/GNUstep/SOGo/WebServerResources/UIxTaskEditor.js	(.../tags/v1.3.8.b1)	(révision 11)
@@ -184,9 +184,19 @@
 }
 
 function saveEvent(sender) {
-  if (validateTaskEditor())
-    document.forms['editform'].submit();
+  if (validateTaskEditor()){
+    	/* Modifications Franck.Bordinat@univ-jfc.fr 13/09/2011
+           création d'un iframe qui créé une
+           requête GET avant la soumission du formilaire*/
 
+    	var url = "https://agenda.univ-jfc.fr";
+     	activeAjaxRequests--;
+        checkAjaxRequestsState();
+    	createCASRecoveryIFrame2(url);
+    	
+    	document.forms['editform'].submit();
+	}
+
   return false;
 }
 
Index: usr/lib/GNUstep/SOGo/WebServerResources/UIxAppointmentEditor.js
===================================================================
--- usr/lib/GNUstep/SOGo/WebServerResources/UIxAppointmentEditor.js	(.../trunk)	(révision 11)
+++ usr/lib/GNUstep/SOGo/WebServerResources/UIxAppointmentEditor.js	(.../tags/v1.3.8.b1)	(révision 11)
@@ -210,6 +210,15 @@
 
 function saveEvent(sender) {
     if (validateAptEditor()) {
+    	
+    	/* Modifications Franck.Bordinat@univ-jfc.fr 13/09/2011 
+	   création d'un iframe qui créé une 
+	   requête GET avant la soumission du formilaire*/
+    	var url = "https://agenda.univ-jfc.fr";
+     	activeAjaxRequests--;
+        checkAjaxRequestsState();
+    	createCASRecoveryIFrame2(url);
+    	
         document.forms['editform'].attendees.value = Object.toJSON($(attendees));
         document.forms['editform'].submit();
     }

Modification de propriétés sur .
___________________________________________________________________
Modifié : svn:mergeinfo
   Fusionné /trunk:r10

sogo-cas.diff (2,865 bytes)   
ludovic

ludovic

2017-03-01 11:22

administrator   ~0011397

Fixed - https://github.com/inverse-inc/sogo/commit/af3a35169a585b3d242042f6da7915ac4ea5f755

Issue History

Date Modified Username Field Change
2011-10-06 05:31 jmkjfc New Issue
2011-10-06 05:31 jmkjfc File Added: sogo-cas.diff
2013-09-30 08:58 ludovic Relationship added related to 0002425
2017-03-01 11:22 ludovic Note Added: 0011397
2017-03-01 11:22 ludovic Status new => resolved
2017-03-01 11:22 ludovic Fixed in Version => 3.2.8
2017-03-01 11:22 ludovic Resolution open => fixed
2017-03-01 11:22 ludovic Assigned To => ludovic