|Summary:||would like update to mod_auth_cas 1.0.10|
|Product:||[Fedora] Fedora EPEL||Reporter:||long|
|Component:||mod_auth_cas||Assignee:||Adam Miller <admiller>|
|Status:||CLOSED DEFERRED||QA Contact:||Fedora Extras Quality Assurance <extras-qa>|
|Version:||el6||CC:||admiller, jodell, mjs, tremble|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2015-10-30 15:26:40 UTC||Type:||Bug|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Cloudforms Team:||---||Target Upstream Version:|
Description long 2013-06-10 17:20:04 UTC
Description of problem: Version 1.0.10 fixes a security problem in previous versions. Current version also does not play well with SSL certificates that use intermediate CA certs. Version-Release number of selected component (if applicable): mod_auth_cas-184.108.40.206-2.el6.x86_64 How reproducible: Always Steps to Reproduce: 1. set CASLoginURL to an SSL server using an SSL certificate signed with intermediate CA cert (e.g. digicert would be an example) 2. try accessing CAS protected resource 3. Actual results: Error log always says [Mon Jun 10 12:04:32 2013] [error] [client XXX] MOD_AUTH_CAS: Certificate CN does not match XXX Expected results: CAS works Additional info: Newer versions of mod_auth_cas switched SSL infrastucture so they could handle SSL certificates better.
Comment 1 jodell 2015-09-02 22:57:37 UTC
The current version on EPEL (220.127.116.11) does not work with SAML Validation. I did a straight recompile from source (1.0.10), and it worked right away. - https://github.com/Jasig/mod_auth_cas Version 1.0.10 is already a year old.
Comment 2 Adam Miller 2015-10-30 15:26:40 UTC
Version 1.0.10 still hasn't had a stable release from upstream. We generally don't ship pre-release software in EPEL. I'll update once it's released.