This is an exceptional use case. No need to further complicate it. As it is a view of the end state, the request scope is the most appropriate. Just don't let your users click the back button, or if they do - too bad :-)
Cheers, Dmitriy. Sent from my iPhone On Nov 30, 2012, at 3:06, Sandip Paul <[email protected]> wrote: > Hi Dmitriy, > > First of all appreciating your valuable contribution here. > > I will soon give a try for this. > > But I have a small clarification regarding this, i.e. as you mentioned that > the principal will be available in the request scope. In this case, if you > can flash back my scenario, there if a user after successful authentication > lands on casGenericSuccess.jsp page and move to say, app1 after clicking the > link(anchor tag) provided. and after doing some operation on app1, if user > want to return back to casGenericSuccess.jsp page by using browser 'back > button', > in these case whether the principal object is still be available in the > requestScope ? > > Thanks, > Sandip > > > On 29 November 2012 21:34, Dmitriy Kopylenko <[email protected]> wrote: > Hi Sandip. If you have use case such that you have described and you > absolutely must have an access to the current authenticated principal in the > generic success login view, here's one way to do that, relatively painlessly. > Follow these steps in your CAS maven overlay: > > 1) Bring cas-addons dependency into the pom: > > <dependency> > <groupId>net.unicon.cas</groupId> > <artifactId>cas-addons</artifactId> > <version>1.0.5</version> > </dependency> > > 2) Define 'authenticationSupport' bean in the application context (this could > go into any Spring xml file under WEB-INF/spring-configuration): > > <beans xmlns="http://www.springframework.org/schema/beans"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xmlns:c="http://www.springframework.org/schema/c"; > xsi:schemaLocation="http://www.springframework.org/schema/beans > http://www.springframework.org/schema/beans/spring-beans.xsd"/> > > <bean id="authenticationSupport" > class="net.unicon.cas.addons.authentication.internal.DefaultAuthenticationSupport" > c:ticketRegistry-ref="ticketRegistry"/> > > </beans> > > 3) In WEB-INF/login-webflow.xml re-define 'viewGenericLoginSuccess' end state > like so: > > <end-state id="viewGenericLoginSuccess" view="casLoginGenericSuccessView"> > <on-entry> > <evaluate > expression="authenticationSupport.getAuthenticatedPrincipalFrom(requestScope.ticketGrantingTicketId)" > result="requestScope.principal"/> > </on-entry> > </end-state> > > Then you should have org.jasig.cas.authentication.principal.Principal > instance under the 'principal' key in the request scope and you could access > it in casGenericSuccess.jsp like so: > > <c:out value="${principal.id}" /> > > Hope this helps a bit. > > Cheers, > Dmitriy. > > > On Nov 29, 2012, at 7:19 AM, Sandip Paul <[email protected]> wrote: > >> Hi Scott, >> >> I completely agree your comment on this but below is the use case where I >> need to show userName/ other details from Principal Object on >> casGenericSuccessView.jsp >> >> for example: we have 2 application that we have integrated with CAS: say, >> app1 & app2 >> our current implementation is like: user will try to access app1/app2, they >> will be redirected to CAS login, only after successful authentication that >> particular user will again be redirected to the particular application, the >> user has requested. >> >> Case: >> By watching the redirection url patterns, An intelligent user :) can >> directly access the CAS login page. in that case we thought of handling this >> scenario by showing the link(anchor tag) to our 2 application(app1 & app2). >> and here we have a requirement to show the userName/other user related >> details on casGenericSuccessView.jsp page itself. >> >> I believe this case should get handled by the CAS server by providing a >> straight forward API, though I don't know any other cons that can happen if >> you implement this. >> >> Even I have seen this requirement is been highly asked by different users in >> cas-user community including me (see the mail chain). >> >> Treat this as a suggestion to improve the CAS. >> >> Thanks you very much. >> Sandip >> >> >> On 29 November 2012 09:10, Scott Battaglia <[email protected]> wrote: >> Your users should *almost* *never* see that generic page unless you for some >> reason bring them to the CAS page without a service url. We do not >> recommend you bring users to a single sign on server without a service. Its >> confusing to the end user. >> >> Cheers, >> Scott >> >> >> On Wed, Nov 28, 2012 at 12:42 AM, Sandip Paul <[email protected]> wrote: >> Hi CAS Developers, >> >> I am trying to integrate my existing applications with CAS. But while doing >> so, I can see that there is no straight forward API provided to access >> logged-in userName or the Principal object in casGenericSuccessView.jsp >> though the logged-in userName is available by using request.getRemoteUser() >> at cas-client application side. >> >> I am finding difficulties to achieve this and got stuck. Also I can see >> there are others like me want to access username to show >> for example: Welcome <userName> to the casGenericSuccessView.jsp and I >> believe this should be kind of a basic feature that should be available >> after a valid user successfully authenticated from the CAS login and >> redirected to casGenericSuccessView.jsp page. >> >> Even I don't see any proper explanation/code snippet to achieve this on the >> blogs. >> >> Hereby requesting you guys please add this API to the main flow of the >> CAS-Server release if possible. >> >> >> Regards, >> Sandip >> >> >> ---------- Forwarded message ---------- >> From: jayesh patel <[email protected]> >> Date: 27 November 2012 10:59 >> Subject: Re: [cas-user] username/user object on the casGenericSuccess.jsp >> To: [email protected] >> >> >> Hi Sandip, >> >> I am facing similar issue, and stuck at the same problem. >> >> Can somebody please help with the code snippet for accessing userName or >> Principal object in casGenericSuccessView.jsp. >> >> It would be of great help if somebody provide link to example where complete >> explanation with sample code is given. >> >> Thanks. >> >> >> On Tue, Nov 27, 2012 at 12:06 AM, Dmitriy Kopylenko <[email protected]> >> wrote: >> To simplify this tgtId -> principal "extraction dance", there is a >> convenience API (with the default implementation) in cas-addons that could >> be used: >> https://github.com/Unicon/cas-addons/blob/master/src/main/java/net/unicon/cas/addons/authentication/AuthenticationSupport.java >> >> Cheers, >> Dmitriy. >> >> >> On Nov 26, 2012, at 1:30 PM, Sandip Paul <[email protected]> wrote: >> >>> Hi CAS Gurus, >>> >>> I need to retrieve the username/user object on the casGenericSuccess.jsp? >>> After a short google search I found a solution mentioned in the below: >>> http://bb10.com/java-jasig-cas-user/2010-10/msg00102.html >>> >>> But I am finding difficulties implementing this as I am just a beginner in >>> spring web-flow. Can someone share the code snippet so that I can get some >>> help. >>> >>> Highly appreciate your valuable comment on this. >>> >>> Regards, >>> Sandip >>> -- >>> You are currently subscribed to [email protected] as: >>> [email protected] >>> >>> >>> >>> >>> >>> >>> >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> >> >> >> >> >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> >> >> >> >> >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> >> >> >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-dev >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-dev >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-dev > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
