Important Bug Fix in Authen::CAS::External 0.06

Earlier today I released an important bug fix to my distribution Authen-CAS-External (under version 0.06). The bug caused the distribution to fail on CAS deployments where the application was not deployed at the root URL (i.e. https://cas.domain.com/login worked fine, but https://cas.domain.com/cas/login did not work at all). The reason was because the LWP::UserAgent handler rules had m_path_match set to a static qr{\A /login}msx, which clearly would only match pages where login was at the root, which is not always the case. This was fixed by storing the path to login in the variable $cas_path and then changing the path match to qr{\A \Q$cas_path\E}msx. Note the \Q and \E are important so that the regular expression properly treats the path as a static string. The full patch can be seen in commit df8ef3b.

Leave a Reply