hotline #12422 base url for CAS should be unique

see http://www.jasig.org/cas/protocol#cas-uris

application/modules/opac/controllers/AuthController.php

@@ -77,6 +77,12 @@ class AuthController extends ZendAfi_Controller_Action {
 	}
 
 
+	//see http://www.jasig.org/cas/protocol#cas-uris
+	function validateAction() {
+		$this->_forward('validate', 'cas-server');
+	}
+
+
 	function loginAction() {
 		$this->view->preferences = Class_Profil::getCurrentProfil()->getCfgModulesPreferences('auth','login');		
 		$redirect = $this->_getParam('redirect', '/opac');

tests/application/modules/opac/controllers/CasServerControllerTest.php

@@ -49,6 +49,13 @@ class CasServerControllerValidateActionTest extends AbstractControllerTestCase {
 	}
 
 
+	/** @test */
+	public function requestWithInvalidTicketOnAuthShouldRespondInvalidTicketFailureXML() {		
+		$this->dispatch('/opac/auth/validate?ticket=STmarchepo&service=http://test.com',true);
+		$this->assertContains('<cas:authenticationFailure code="INVALID_TICKET"> Ticket STmarchepo not recognized</cas:authenticationFailure>',$this->_response->getBody());
+	}
+
+
 	/** @test */
 	public function requestWithValidTicketShouldRespondValidXML() {		
 		$this->dispatch('/opac/cas-server/validate?ticket='.md5(Zend_Session::getId().'300').'&service=http://test.com');
@@ -62,6 +69,14 @@ class CasServerControllerValidateActionTest extends AbstractControllerTestCase {
 		$this->assertContains('<cas:user>300</cas:user>',$this->_response->getBody());
 		$this->assertContains('<cas:proxyGrantingTicket>',$this->_response->getBody());
 	}
+
+
+	/** @test */
+	public function requestWithValidTicketPrefixedBySTOnAuthenticateControllerShouldRespondValidXML() {		
+		$this->dispatch('/opac/auth/validate?ticket=ST-'.md5(Zend_Session::getId().'300').'&service=http://test.com');
+		$this->assertContains('<cas:user>300</cas:user>',$this->_response->getBody());
+		$this->assertContains('<cas:proxyGrantingTicket>',$this->_response->getBody());
+	}
 }