Tags:
create new tag
view all tags

SID-02467: CasLoginContrib throwing error after CAS upgrade to TLS v1.2

Status: Asked Asked TWiki version: 6.0.0 Perl version: 5.10.1
Category: CasLoginContrib Server OS: Centos 6.8 Last update: 4 years ago

After our university upgraded their certs to TLS 1.2, we lost the ability to authenticate via CAS with CasLoginContrib.

After authenticating, TWiki just shows a blank page at: [Our TWiki site]/do/login?ticket=ST-162938423423-21xBTzduwE3232EPdWSCAc9F

Checking the logs, we get the error: " login: Use of uninitialized value $line in pattern match (m//) at /usr/share/perl5/vendor_perl/AuthCAS.pm line 385. " for each login attempt.

I see there's been one update to CasLoginContrib in 2016 since our installation, which we can try, but I'm wondering if there's been anyone else who's found a solution to this?

Thanks!

-- TWiki Guest - 2021-03-31

Discussion and Answer

I am not sure, I am not familiar with this contrib. You could try adding the SSL version to see if this fixes the issue.

In your lib/LocalSite.cfg add this: 

$TWiki::cfg{CAS}{SSL_version} = 'SSLv3';

Change lib/TWiki/LoginManager/CasLogin.pm: Add the SSL_version to the beginning of sub login: 

sub login {
    my( $this, $query, $twikiSession ) = @_;
    my $twiki = $this->{twiki};
    my $casUrl = $TWiki::cfg{CAS}{casUrl};
    my $CAFile = $TWiki::cfg{CAS}{CAFile};
    my $SSL_version = $TWiki::cfg{CAS}{SSL_version};
    my $cas = new AuthCAS(casUrl => $casUrl,
                          CAFile => $CAFile,
                          SSL_version => $SSL_version
                         );

-- Peter Thoeny - 2021-04-01

I released a new CasLoginContrib version that includes the 2016 changes (they were in the package, but missing in the repository), and I added the $TWiki::cfg{CAS}{SSL_version} feature. Not sure if this fixes your issue, give it a try. I have no way testing.

-- Peter Thoeny - 2021-04-01

      Change status to:
ALERT! If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.
SupportForm
Status Asked
Title CasLoginContrib throwing error after CAS upgrade to TLS v1.2
SupportCategory CasLoginContrib
TWiki version 6.0.0
Server OS Centos 6.8
Web server Apache/2.2.15
Perl version 5.10.1
Browser & version

Edit | Attach | Watch | Print version | History: r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r3 - 2021-04-01 - PeterThoeny
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.