Laravel with phpCAS, LoadBalancing Causing Infinite Redirects (Database Session)

378 views Asked by At

Setup is Laravel 4.2 Project with Sessions set to use the database. I am using the Laravel PHP CAS Module (https://github.com/XavRsl/Cas).

On a single instance, everything works fine since the phpCAS uses the native filebased $_SESSION. When put in a load balanced situation this causes redirects when hitting the server which doesn't have the CAS user information.

To overcome this I implemented the phpCAS _postAuthenticateCallbackFunction and store the $_SESSION variables in the Laravel Session.

function postAuthenticateCallback($ticket) {
//save the phpCAS info into the session that will be stored in the laravel session, if it exists
if (isset($_SESSION['phpCAS'])) {
    Session::put('phpCAS', $_SESSION['phpCAS']);
    Session::save();
}

}

Then it redirects to remove the CAS ticket. I attempt to take the phpCAS data out of the laravel session and store it back in the native session (gross, I know...). Problem is that a new Laravel Session starts up which is missing that information and we start the cycle again. Sometimes by clicking refresh a lot, the session sticks and everything works, until I try to logout in which I have the problem in reverse...

I noticed that when I am having the problem, there is no session cookie stored. When its working and finding the same session on both servers, there is a session cookie.

Does anyone know how to force Laravel to write the session cookie?

Does anyone have any insight into this problem? I can't imagine I'm the only one since lots of people use CAS for single signon and laravel is pretty popular.

0

There are 0 answers