Skip to content

CASGateway error 500 for unauthenticated requests in Apache 2.4 #204

Description

@nregina-hbs

When accessing a CASGateway location as an unauthenticated user, a 500 error is returned. The Apache error log shows an error like this:

AH00027: No authentication done but request not allowed without authentication for /gateway. Authentication not configured?

In Apache 2.4 AuthZ module requires the request user to be set when the authentication provider returns OK.

Sample config:

<Location / >
  Authtype CAS
  Require valid-user
  CASGateway /gateway
</Location>

In my own build, I've updated the flow to set the user to an empty string.

/* do not set a user, but still allow anonymous access */
r->user = "";

This works for my own use cases, but I'm not sure this would be an acceptable change in behavior for all users of mod-auth-cas.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions