David Hawes

There's no need to open another PR. When we're happy we'll just rebase, squash the commits, and make it nice and tidy.

Some notes so I don't forget: Adding '\r' and '\n' to https://github.com/Jasig/mod_auth_cas/blob/master/src/mod_auth_cas.c#L826 could be a quick fix, but I'll need to test. I do wonder if using something like https://apr.apache.org/docs/apr/1.5/group___a_p_r___util___escaping.html#ga9caffb30731e3a07a8e23fa6464d35b5...

@pames I did a quick test with apr_pescape_urlencoded() and it worked as expected (my CAS server was not too happy with it though). That said, I think your suggestion is...

I simply have not been able to review and test it closely. I do intend on reviewing it. My primary concern without looking at the code is will this break...

No progress has been made mostly because I don't have an easy way to test multiple CAS servers. I should have those resources by the end of this year. Has...

I've finally done some testing with multiple CAS servers, and to that end this patch works as expected. My simple configs were not affected by the changes as well. Are...

So the proposal here is to limit or mitigate the URL issue solely with configuration? In that case I would expect documentation updates to the README. I think using the...

I think adding the URL to the ticket metadata is probably best. Is this something you'd like to try and implement?

I pushed a branch with a proof of concept for adding the CASLoginURL to the cache: https://github.com/dhawes/mod_auth_cas/tree/multi-backend-dhawes GitHubGitHub - dhawes/mod_auth_cas at multi-backend-dhawesAn Apache 2.0/2.2 compliant module that supports the CASv1...

I can verify that the situation you explain exists (tested with CASAttributePrefix). That said, I have never seen any issues reported because of this. The fix seems easy enough, but...