Uploaded image for project: 'VCL'
  1. VCL
  2. VCL-1105

Shibboleth authentication broken due to bug in getCryptKeyID

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.5.1
    • Component/s: web gui (frontend)
    • Labels:
      None

      Description

      Shibboleth authentication results in a failed query due to the way the cryptkeyid file is located in getCryptKeyID in utils.php.  The function ends up getting called from vcl/shibauth/index.php.  This results in the function looking for vcl/shibauth/.ht-inc/cryptkey/cryptkeyid instead of vcl/.ht-inc/cryptkey/cryptkeyid.  An additional preg_replace should be added to strip out /shibauth if it exists in $_SERVER['SCRIPT_FILENAME'].

      function getCryptKeyID() {
          $reg = "|" . SCRIPT . "$|";
          $filebase = preg_replace($reg, '', $_SERVER['SCRIPT_FILENAME']);
          $filebase = preg_replace('|/shibauth|', '', $filebase);
          $filebase .= "/.ht-inc/cryptkey";
          $idfile = "$filebase/cryptkeyid";

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              jfthomps Josh Thompson
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: