encryption not working with user_CAS

[timeos]

Hello
since I enabled user_cas I see following notification after CAS login: "Encryption App is enabled but your keys are not initialized, please log-out and log-in again". This is not happening when we use LDAP authentication.
anybody else with same issue?
we have ownCloud 8.1.1 (stable)
thank you
michal

[timeos]

• is anyone successfully using user_cas with encryption module?
• or is there any requirement to not use encryption with this module for some reason?
• is encryption enabled even if I get that "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" message?
  :)
  thank you for anyone to respond/try me to understand.

[leoniscsem]

Sorry for the very late reply but we have been busy with work. Can you post some log outputs here? The encryption app was never in our scope, so we just don't know what causes the problem.

[timeos]

Hello

Can you post some log outputs here?

there is completely nothing in owncloud log. I set log level to "everything". then enabled "user_cas" plugin and get logged in. Nothing was added into log. Message "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" keeps displaying.

[joeyjy]

Hello there,

I met the same problem when enable both encryption and user_cas, after debug, I found user_cas doesn't go through the userhooks provide by encryption app, so it can't register keyManager->init(), finally no private key is set when a user logged in using user_cas.

Can you look into this? I'm not familiar with php...

[timeos]

After a couple of months since I opened this report I find out, that this combination of components (encryption+user_CAS modules) are simply not possible to cooperate by their design. Encryption module requires for his works to know user password provided during authentication as encryption keys are secured by that password directly. And because one of advantage of CAS authentication is NOT to pass user password through end application then it means, that Owncloud is unable to get password in order to provide it to encryption module for managing encryption keys.
I think this will never be changed in future, so the only option to use this user_cas module is to disable/not use encryption module.

As a result of this bug-report should be at least some mention in documentation/requirement section about this "interoperability issue" regards to Encryption module for OwnCloud. At least this could save a couple of time spent for admins to get this combination of modules working.