schooltool-developers team mailing list archive

[Alan Elkner <aelkner@xxxxxxxxx>]

Ok, I need to load the new version of CAS then.  Thanks.

On Mon, Apr 5, 2010 at 3:31 PM, Gediminas Paulauskas <menesis@xxxxxx> wrote:
> 2010/4/5 Douglas Cerna <douglascerna@xxxxxxxxx>:
>> Alan:
>>
>> Try changing:
>>
>>>     request.response.redirect(requrl)
>>
>> to:
>>
>>>     request.response.redirect(requrl, trusted=True)
>>
>> in the authenticate method of the plugin in /srv/schooltool/schooltool.cas/src/schooltool/cas/__init__.py
>
> Yes, that's how it was fixed long ago:
> http://bazaar.launchpad.net/~schooltool-owners/schooltool.cas/trunk/revision/32
>
>>
>> Douglas
>>
>> "... allí­ es cuando te das cuenta que las cosas malas pueden resultar bastante buenas..." - Lionel Messi
>>
>> Por favor, evite enviarme adjuntos de Word, Excel o PowerPoint.
>> Vea http://www.gnu.org/philosophy/no-word-attachments.es.html
>>
>>
>> --- On Mon, 4/5/10, Douglas Cerna <douglascerna@xxxxxxxxx> wrote:
>>
>>> From: Douglas Cerna <douglascerna@xxxxxxxxx>
>>> Subject: Re: [Schooltool-developers] CAS problem
>>> To: "Alan Elkner" <aelkner@xxxxxxxxx>
>>> Cc: "SchoolTool Developers" <schooltool-developers@xxxxxxxxxxxxxxxxxxx>
>>> Date: Monday, April 5, 2010, 2:13 PM
>>> Alan:
>>>
>>> Check for the zope.publisher PyPI page:
>>>
>>> http://pypi.python.org/pypi/zope.publisher
>>>
>>> Maybe it's related to the changes on "3.9.0 (2009-08-27)"
>>>
>>> """Fix #98471: Restrict redirects to current host. This
>>> causes a ValueError to be raised in the case of redirecting
>>> to a different host. If this is intentional, the parameter
>>> trusted can be given."""
>>>
>>> Douglas
>>>
>>> "... allí­ es cuando te das cuenta que las cosas malas
>>> pueden resultar bastante buenas..." - Lionel Messi
>>>
>>> Por favor, evite enviarme adjuntos de Word, Excel o
>>> PowerPoint.
>>> Vea http://www.gnu.org/philosophy/no-word-attachments.es.html
>>>
>>>
>>> --- On Mon, 4/5/10, Alan Elkner <aelkner@xxxxxxxxx>
>>> wrote:
>>>
>>> > From: Alan Elkner <aelkner@xxxxxxxxx>
>>> > Subject: [Schooltool-developers] CAS problem
>>> > To: schooltool-developers@xxxxxxxxxxxxxxxxxxx
>>> > Date: Monday, April 5, 2010, 2:03 PM
>>> > Could it be that we need to change
>>> > something in schooltool.cas as a
>>> > result of using new zope packages?  Starting
>>> > schooltool at SLA with
>>> > CAS enabled gives the following error:
>>> >
>>> > Traceback (most recent call last):
>>> >   File
>>> >
>>> "/srv/schooltool/schooltool/eggs/zope.publisher-3.11.0-py2.5.egg/zope/publisher/publish.py",
>>> > line 131, in publish
>>> >     obj = request.traverse(obj)
>>> >   File
>>> >
>>> "/srv/schooltool/schooltool/eggs/zope.publisher-3.11.0-py2.5.egg/zope/publisher/browser.py",
>>> > line 542, in traverse
>>> >     ob = super(BrowserRequest,
>>> > self).traverse(obj)
>>> >   File
>>> >
>>> "/srv/schooltool/schooltool/eggs/zope.publisher-3.11.0-py2.5.egg/zope/publisher/http.py",
>>> > line 456, in traverse
>>> >     ob = super(HTTPRequest, self).traverse(obj)
>>> >   File
>>> >
>>> "/srv/schooltool/schooltool/eggs/zope.publisher-3.11.0-py2.5.egg/zope/publisher/base.py",
>>> > line 250, in traverse
>>> >     publication.callTraversalHooks(self, obj)
>>> >   File
>>> >
>>> "/srv/schooltool/schooltool/eggs/zope.app.publication-3.10.0-py2.5.egg/zope/app/publication/zopepublication.py",
>>> > line 135, in callTraversalHooks
>>> >     self._maybePlacefullyAuthenticate(request,
>>> > ob)
>>> >   File
>>> >
>>> "/srv/schooltool/schooltool/eggs/zope.app.publication-3.10.0-py2.5.egg/zope/app/publication/zopepublication.py",
>>> > line 122, in _maybePlacefullyAuthenticate
>>> >     principal = auth.authenticate(request)
>>> >   File
>>> >
>>> "/srv/schooltool/schooltool/src/schooltool/app/security.py",
>>> > line 219, in authenticate
>>> >     return self.authPlugin.authenticate(request)
>>> >   File
>>> >
>>> "/srv/schooltool/schooltool.cas/src/schooltool/cas/__init__.py",
>>> > line 125, in authenticate
>>> >     request.response.redirect(requrl)
>>> >   File
>>> >
>>> "/srv/schooltool/schooltool/eggs/zope.publisher-3.11.0-py2.5.egg/zope/publisher/browser.py",
>>> > line 761, in redirect
>>> >     return super(BrowserResponse,
>>> > self).redirect(location, status, trusted)
>>> >   File
>>> >
>>> "/srv/schooltool/schooltool/eggs/zope.publisher-3.11.0-py2.5.egg/zope/publisher/http.py",
>>> > line 888, in redirect
>>> >     % target_host)
>>> > ValueError: Untrusted redirect to host
>>> 'sla.cas.host:443'
>>> > not allowed.
>>> >
>>> > I replaced the actual host name with a fake one in
>>> this
>>> > note for
>>> > security reasons.  I know the cas server name (the
>>> > real one) is right
>>> > and that it worked using the older version of
>>> schooltool
>>> > which in turn
>>> > used older zope packages, so that's why Chris
>>> suggested
>>> > that there may
>>> > have been a change in zope to cause the error.  That
>>> > may be the case,
>>> > but I don't know why.
>>> >
>>> > Does anybody have any ideas?
>>> >
>>> > _______________________________________________
>>> > Mailing list: https://launchpad.net/~schooltool-developers
>>> > Post to     : schooltool-developers@xxxxxxxxxxxxxxxxxxx
>>> > Unsubscribe : https://launchpad.net/~schooltool-developers
>>> > More help   : https://help.launchpad.net/ListHelp
>>> >
>>>
>>> _______________________________________________
>>> Mailing list: https://launchpad.net/~schooltool-developers
>>> Post to     : schooltool-developers@xxxxxxxxxxxxxxxxxxx
>>> Unsubscribe : https://launchpad.net/~schooltool-developers
>>> More help   : https://help.launchpad.net/ListHelp
>>>
>>
>>
>> _______________________________________________
>> Mailing list: https://launchpad.net/~schooltool-developers
>> Post to     : schooltool-developers@xxxxxxxxxxxxxxxxxxx
>> Unsubscribe : https://launchpad.net/~schooltool-developers
>> More help   : https://help.launchpad.net/ListHelp
>>
>