CAS Authentication Error

[Cristian Ozan]

I'm testing an iTop 3.1 Instance with CAS authentication,

After configuring the CAS parameters in my instance and try to authenticate to my cas server I recive the following error...

This is my cas configuration.

authent-cas' => array (
'cas_debug' => true,
'cas_host' => 'sso.mydomain.com',
'cas_port' => 443,
'cas_context' => 'auth-user',
'cas_version' => '1.6',
'service_base_url' => 'http://my.itop.url',
),

iTop versión 3.1.0-2-11973
MySQL: 10.11.4-MariaDB-1~deb12u1
PHP: 8.1.25

Note that inside the phpcas source directory ( /lib/apereo/phpcas/source/CAS/) is not present the ServiceBaseUrl Directory. I downloaded it from the site https://github.com/apereo/phpCAS/tree/master/source/CAS, but the error continues.

Stack trace:
2023-11-23 13:59:55 | Error | | Uncaught Error: Class "CAS_ServiceBaseUrl_Static" not found in /var/www/html/itop/lib/apereo/phpcas/source/CAS/Client.php:4046
Stack trace:

0 /var/www/html/itop/lib/apereo/phpcas/source/CAS/Client.php(957): CAS_Client->_setServiceBaseUrl()

1 /var/www/html/itop/lib/apereo/phpcas/source/CAS.php(369): CAS_Client->construct()

2 /var/www/html/itop/env-production/authent-cas/src/CASLoginExtension.php(174): phpCAS::client()

3 /var/www/html/itop/env-production/authent-cas/src/CASLoginExtension.php(59): Combodo\iTop\Cas\CASLoginExtension::InitCASClient()

4 /var/www/html/itop/application/applicationextension.inc.php(110): Combodo\iTop\Cas\CASLoginExtension->OnReadCredentials()

5 /var/www/html/itop/application/loginwebpage.class.inc.php(486): AbstractLoginFSMExtension->LoginAction()

6 /var/www/html/itop/application/loginwebpage.class.inc.php(1016): LoginWebPage::Login()

7 /var/www/html/itop/application/loginwebpage.class.inc.php(996): LoginWebPage::DoLoginEx()**

8 /var/www/html/itop/pages/UI.php(313): LoginWebPage::DoLogin()

9 {main}

thrown | IssueLog |||
array (
'type' => 1,
'file' => '/var/www/html/itop/lib/apereo/phpcas/source/CAS/Client.php',
'line' => 4046,
)

[Maxime FARDEL]

Hello,

I have the same issue. Does anyone have a solution.

Thanks

[Cristian Ozan]

ello Maxime
I find this temporal solution....

To solve this situation a need to modify some variables in the Client.php file (phpCAS-master/source/CAS/Client.php)

In the function...
public function setURL($url)
{
// Argument Validation
if (gettype($url) != 'string')
throw new CAS_TypeMismatchException($url, '$url', 'string');

// $this->_url = $url; // Comment this line
$this-> url = 'my.sso.server';
}

In the function

private function _setServiceBaseUrl($name)
{
if (is_array($name)) {
$this->_serviceBaseUrl = new CAS_ServiceBaseUrl_AllowedListDiscovery($name);
} else if (is_string($name)) {
$this->_serviceBaseUrl = 'my.sso.server';
} else if ($name instanceof CAS_ServiceBaseUrl_Interface) {
$this->_serviceBaseUrl = $name;
} else {
throw new CAS_TypeMismatchException($name, '$name', 'array, string, or CAS_ServiceBaseUrl_Interf>
}
}

And..
public function getURL()
{
phpCAS::traceBegin();
// the URL is built when needed only

$this->_url = 'https://my.itop.instance/itop/pages/UI.php';

}

"Hope this is helpful for you."
Cristian

[Cristian Ozan]

[Guillaume Lajarige]

Hello Cristian,

This was indeed a regression from iTop 3.1.0, it has been fixed in iTop 3.1.1-1 which will be available early 2024. In the meantime, you can find the fix here.

Take care,
Guillaume

[Pierre Goiffon]

Combodo internal ref : N°7046

[Maxime FARDEL]

Hello Guillaume, Pierre

Thank you for your answer. Can i copy apereo and composer folders to lib directory to fix issue ?

[Pierre Goiffon]

Hello,

Just copy those directories:
- /lib/apereo/phpcas/source/CAS/ServiceBaseUrl
- /lib/composer/

You can get the sources from the support/3.1 branch

[Guillaume Lajarige]

Hello,

This was fixed in iTop 3.1.1-1 which is now available for download here :)

Take care,
Guillaume

[Pierre Goiffon]

The problem was also submitted in [#2211]