I'll have a look at this when i can but to have it on record:
If 'Authentication required' is selected in auth admin and a valid CAS user that is not registered with redmine navigates to the redmine site, we end up with an eternal loop as any errors generated redirect to cas authentication which passes as there's a valid tgt.
Redirecting to an error page that bypasses normal auth would be changing common functionality (hence ugly and hacky). Might look into how tricky it would be to just fall back to local login screen with an error msg... which isn't ideal either X( Maybe display the error on an alert, and then locally tag existing tgt as invalid as far as redmine is concerned???
other ideas?
I'll have a look at this when i can but to have it on record:
If 'Authentication required' is selected in auth admin and a valid CAS user that is not registered with redmine navigates to the redmine site, we end up with an eternal loop as any errors generated redirect to cas authentication which passes as there's a valid tgt.
Redirecting to an error page that bypasses normal auth would be changing common functionality (hence ugly and hacky). Might look into how tricky it would be to just fall back to local login screen with an error msg... which isn't ideal either X( Maybe display the error on an alert, and then locally tag existing tgt as invalid as far as redmine is concerned???
other ideas?