The best way to implement AUP flow customizations would be through a pluggable Groovy script which CAS will use for 2 phases - verification and recording of acceptance fact:
https://apereo.github.io/cas/6.1.x/webflow/Webflow-Customization-AUP.html#groovy So you could do the additional work needed to grab the dynamic data for AUP view and expose it right there in the ‘verify’ method, for example by throwing that data into a flowScope (note that you have access to SWF’s RequestContext via the first argument passed to that method) Doing it in Groovy has few advantages - 1) You don’t have to mess around with CAS’ SWF internals which would not guarantee you the API compatibility with future versions, for example 2) Changes to externalized Groovy script would not require re-build/re-start cycle and would be picked up by CAS in real time. HTH, D. On March 11, 2020 at 12:36:14, Francisco Castel-Branco (franciscoc...@gmail.com) wrote: Hi, Ray. I understand why you referred theming per service. But what I really need is an additional step in the login flow. Every service should be blocked by this. This isn't an additional service, nor the text I want to display is static. I am loading the text and ids from a database and I need to pass them from the java classes (where the flow is defined) to the HTML to display. I am currently "forking" the default AUP to verify if there are any unnaccepted policies, as I previously stated. I think it should be some parameter to pass when a view is loaded. Right now, I have this code that loads the view when a user needs to accept something: /** * Create verify action state. * * @param flow the flow */ protected void createVerifyActionState(final Flow flow) { ActionState actionState = createActionState(flow, STATE_ID_AUP_CHECK, AUP_VERIFY_ACTION); String target = getRealSubmissionState(flow).getTransition(TRANSITION_ID_SUCCESS).getTargetStateId(); TransitionSet transitionSet = actionState.getTransitionSet(); transitionSet.add(createTransition(CasWebflowConstants.TRANSITION_ID_AUP_ACCEPTED, target)); transitionSet.add(createTransition(CasWebflowConstants.TRANSITION_ID_AUP_MUST_ACCEPT, VIEW_ID)); } This is straight copy and paste from https://github.com/apereo/cas/blob/master/support/cas-server-support-aup-webflow/src/main/java/org/apereo/cas/web/flow/AcceptableUsagePolicyWebflowConfigurer.java My "real" question is, how can I add variables when loading the view VIEW_ID (which is a static string up above) Thanks! Ray Bon <r...@uvic.ca> escreveu no dia quarta, 11/03/2020 à(s) 15:43: Francisco, I have not done anything like this, so this is a guess. The login page has the ability to display per service customization, https://apereo.github.io/cas/6.1.x/services/Service-Management.html (theme control). Perhaps the process there can be used in AUP. Ray On Wed, 2020-03-11 at 12:06 +0000, Francisco Castel-Branco wrote: Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information. Hi, I'm currently implementing dynamic Acceptable Usage Policies (AUP). They need to be loaded from some repository and need to be displayed on the webpage. The project already verifies if a given user has unnaccepted policies to block him from proceeding with the login flow. But I also need to load one of the unaccepted policies and displaying it just like the normal AUP, but without being defined in messages.properties. I need to display custom values in Thymeleaf, but I can't figure out where I can push the variables from the backend into Thyemeleaf. In Spring it would be arround the method map.addAttribute(). I had it working as a proof-of-concept with ajax requests, which is NOT secure because its client-side. CAS loads a page with jquery which loads one AUP from an API and populates an hidden input that contains the ID of said policy. (This is not secure at all, I know). My source code for this module is based of the AUP. Anyone knows how to do this? I tried to explore the source code, but with no luck. -- Francisco Castel-Branco -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | r...@uvic.ca I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/30c960819f7e48abb34b409bf55ebb0233f267d5.camel%40uvic.ca. -- Francisco Castel-Branco -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMrou-P-Z-4J0wcW3QvpgFtROxBU_Qi1BO9bLd67ke%3DEoG2VQA%40mail.gmail.com. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/etPan.5e691bf6.657790d.36b%40unicon.net.