Fix Single-Logout
This commit is contained in:
parent
1378383745
commit
71b1a8207f
|
@ -5,6 +5,7 @@ module RedmineCAS
|
|||
def self.included(base)
|
||||
base.send(:include, InstanceMethods)
|
||||
base.class_eval do
|
||||
alias_method_chain :verify_authenticity_token, :cas
|
||||
alias_method_chain :require_login, :cas
|
||||
end
|
||||
end
|
||||
|
@ -55,6 +56,18 @@ module RedmineCAS
|
|||
end
|
||||
end
|
||||
|
||||
def verify_authenticity_token_with_cas
|
||||
if cas_logout_request?
|
||||
logger.info 'CAS logout request detected: Skipping validation of authenticity token'
|
||||
else
|
||||
verify_authenticity_token_without_cas
|
||||
end
|
||||
end
|
||||
|
||||
def cas_logout_request?
|
||||
request.post? && params.has_key?('logoutRequest')
|
||||
end
|
||||
|
||||
def cas_account_pending
|
||||
render_403 :message => l(:notice_account_pending)
|
||||
end
|
||||
|
|
Reference in New Issue