Servlet Sessions are killed at the end of the flow because it's not expected that the CAS server needs to maintain any traditional servlet session (in fact, with the amount that would be created from all the authentications, your server would hate us).

On Fri, Nov 30, 2012 at 7:22 AM, Sandip Paul <paulsandi...@gmail.com> wrote:

> Hi Dmitriy,
>
> All these use cases should get handled by any sophisticated enterprise web
> application. We can't restrict the user to hit the very famous
> '*Browser Back button*' by simply disabling this.
> As far as our application design is concerned, this is not at all an
> exceptional use case :(
>
> That is why I suggest to improve CAS Server itself by providing an API to
> access principal object and that will internally maintain
> the principal object across the current session of the logged-in user.
>
> OR is there any other workaround available on your solution i.e. to keep
> the principal object in session scope rather than keeping in request scope.
> But in that case maybe we need to tweak the CAS single signout
> functionality also :(
>
> Thanks,
> Sandip
>
> On 30 November 2012 17:29, Dmitriy Kopylenko <dkopyle...@unicon.net> wrote:
>
>> This is an exceptional use case. No need to further complicate it. As it
>> is a view of the end state, the request scope is the most appropriate. Just
>> don't let your users click the back button, or if they do - too bad :-)
>>
>> Cheers,
>> Dmitriy.
>>
>> Sent from my iPhone
>>
>> On Nov 30, 2012, at 3:06, Sandip Paul <paulsandi...@gmail.com> wrote:
>>
>> Hi Dmitriy,
>>
>> First of all appreciating your valuable contribution here.
>>
>> I will soon give a try for this.
>>
>> But I have a small clarification regarding this, i.e. as you mentioned
>> that the principal will be available in the request scope. In this case, if
>> you can flash back my scenario, there if a user
>> after successful authentication lands on casGenericSuccess.jsp page and
>> move to say, *app1* after clicking the link(anchor tag) provided.
>> and after doing some operation on app1, if user want to return back to
>> casGenericSuccess.jsp page by using *browser 'back button'*,
>> in these case whether the principal object is still be available in the
>> requestScope ?
>>
>> Thanks,
>> Sandip
>>
>> On 29 November 2012 21:34, Dmitriy Kopylenko <dkopyle...@unicon.net> wrote:
>>
>>> Hi Sandip. If you have use case such that you have described and you
>>> absolutely must have an access to the current authenticated principal in
>>> the generic success login view, here's one way to do that, relatively
>>> painlessly. Follow these steps in your CAS maven overlay:
>>>
>>> 1) Bring cas-addons dependency into the pom:
>>>
>>> <dependency>
>>>     <groupId>net.unicon.cas</groupId>
>>>     <artifactId>cas-addons</artifactId>
>>>     <version>1.0.5</version>
>>> </dependency>
>>>
>>> 2) Define 'authenticationSupport' bean in the application context (this
>>> could go into any Spring xml file under WEB-INF/spring-configuration):
>>>
>>> <beans xmlns="http://www.springframework.org/schema/beans"
>>>        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>>>        xmlns:c="http://www.springframework.org/schema/c"
>>>        xsi:schemaLocation="http://www.springframework.org/schema/beans
>>>            http://www.springframework.org/schema/beans/spring-beans.xsd">
>>>
>>>     <bean id="authenticationSupport"
>>>           class="net.unicon.cas.addons.authentication.internal.DefaultAuthenticationSupport"
>>>           c:ticketRegistry-ref="ticketRegistry"/>
>>>
>>> </beans>
>>>
>>> 3) In WEB-INF/login-webflow.xml re-define 'viewGenericLoginSuccess' end
>>> state like so:
>>>
>>> <end-state id="viewGenericLoginSuccess" view="casLoginGenericSuccessView">
>>>     <on-entry>
>>>         <evaluate expression="authenticationSupport.getAuthenticatedPrincipalFrom(requestScope.ticketGrantingTicketId)"
>>>                   result="requestScope.principal"/>
>>>     </on-entry>
>>> </end-state>
>>>
>>> Then you should have
>>> org.jasig.cas.authentication.principal.Principal instance under the
>>> 'principal' key in the request scope and you could access it in
>>> casGenericSuccess.jsp like so:
>>>
>>> <c:out value="${principal.id}" />
>>>
>>> Hope this helps a bit.
>>>
>>> Cheers,
>>> Dmitriy.
>>>
>>> On Nov 29, 2012, at 7:19 AM, Sandip Paul <paulsandi...@gmail.com> wrote:
>>>
>>> Hi Scott,
>>>
>>> I completely agree your comment on this but below is the use case where
>>> I need to show userName/ other details from Principal Object on
>>> casGenericSuccessView.jsp
>>>
>>> for example: we have 2 application that we have integrated with CAS:
>>> say, app1 & app2
>>> our current implementation is like: user will try to access app1/app2,
>>> they will be redirected to CAS login, only after
>>> successful authentication that particular user will again be redirected to
>>> the particular application, the user has requested.
>>>
>>> Case:
>>> By watching the redirection url patterns, An intelligent user :) can
>>> directly access the CAS login page. in that case we thought of handling
>>> this scenario by showing the link(anchor tag) to our 2 application(app1 &
>>> app2). and here we have a requirement to show the userName/other user
>>> related details on casGenericSuccessView.jsp page itself.
>>>
>>> I believe this case should get handled by the CAS server by providing a
>>> straight forward API, though I don't know any other cons that can happen if
>>> you implement this.
>>>
>>> Even I have seen this requirement is been highly asked by different
>>> users in cas-user community including me (see the mail chain).
>>>
>>> Treat this as a suggestion to improve the CAS.
>>>
>>> Thank you very much.
>>> Sandip
>>>
>>> On 29 November 2012 09:10, Scott Battaglia <scott.battag...@gmail.com> wrote:
>>>
>>>> Your users should *almost* *never* see that generic page unless you for
>>>> some reason bring them to the CAS page without a service url.
>>>> We do not recommend you bring users to a single sign on server without
>>>> a service. It's confusing to the end user.
>>>>
>>>> Cheers,
>>>> Scott
>>>>
>>>> On Wed, Nov 28, 2012 at 12:42 AM, Sandip Paul <paulsandi...@gmail.com> wrote:
>>>>
>>>>> Hi CAS Developers,
>>>>>
>>>>> I am trying to integrate my existing applications with CAS. But while
>>>>> doing so, I can see that there is no straight forward API provided to
>>>>> access logged-in userName or the Principal object in
>>>>> casGenericSuccessView.jsp though the logged-in userName is available by
>>>>> using request.getRemoteUser() at cas-client application side.
>>>>>
>>>>> I am finding difficulties to achieve this and got stuck. Also I can
>>>>> see there are others like me want to access username to show
>>>>> for example: Welcome <userName> to the casGenericSuccessView.jsp and
>>>>> I believe this should be kind of a basic feature that should be available
>>>>> after a valid user successfully authenticated from the CAS login and
>>>>> redirected to casGenericSuccessView.jsp page.
>>>>>
>>>>> Even I don't see any proper explanation/code snippet to achieve this
>>>>> on the blogs.
>>>>>
>>>>> Hereby requesting you guys please add this API to the main flow of the
>>>>> CAS-Server release if possible.
>>>>>
>>>>> Regards,
>>>>> Sandip
>>>>>
>>>>> ---------- Forwarded message ----------
>>>>> From: jayesh patel <poka...@gmail.com>
>>>>> Date: 27 November 2012 10:59
>>>>> Subject: Re: [cas-user] username/user object on the casGenericSuccess.jsp
>>>>> To: cas-u...@lists.jasig.org
>>>>>
>>>>> Hi Sandip,
>>>>>
>>>>> I am facing similar issue, and stuck at the same problem.
>>>>>
>>>>> Can somebody please help with the code snippet for accessing userName
>>>>> or Principal object in casGenericSuccessView.jsp.
>>>>>
>>>>> It would be of great help if somebody provide link to *example* where
>>>>> complete explanation with *sample code* is given.
>>>>>
>>>>> Thanks.
>>>>>
>>>>> On Tue, Nov 27, 2012 at 12:06 AM, Dmitriy Kopylenko <dkopyle...@unicon.net> wrote:
>>>>>
>>>>>> To simplify this tgtId -> principal "extraction dance", there is a
>>>>>> convenience API (with the default implementation) in cas-addons that
>>>>>> could be used:
>>>>>> https://github.com/Unicon/cas-addons/blob/master/src/main/java/net/unicon/cas/addons/authentication/AuthenticationSupport.java
>>>>>>
>>>>>> Cheers,
>>>>>> Dmitriy.
>>>>>>
>>>>>> On Nov 26, 2012, at 1:30 PM, Sandip Paul <paulsandi...@gmail.com> wrote:
>>>>>>
>>>>>> Hi CAS Gurus,
>>>>>>
>>>>>> I need to retrieve the username/user object on the
>>>>>> casGenericSuccess.jsp?
>>>>>> After a short google search I found a solution mentioned in the below:
>>>>>> http://bb10.com/java-jasig-cas-user/2010-10/msg00102.html
>>>>>>
>>>>>> But I am finding difficulties implementing this as I am just
>>>>>> a beginner in spring web-flow. Can someone share the code snippet so
>>>>>> that I can get some help.
>>>>>>
>>>>>> Highly appreciate your valuable comment on this.
>>>>>>
>>>>>> Regards,
>>>>>> Sandip
>>>>>>
>>>>>> --
>>>>>> You are currently subscribed to cas-u...@lists.jasig.org as: dkopyle...@unicon.net
>>>>>> To unsubscribe, change settings or access archives, see
>>>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user

--
You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev