Re: [cas-user] Mandatory entry point before authentication
Thanks Ray but that's not exactly my use case.
Your use case admit that users can authenticate from any service, on my
case I need that they must come from one service to be able to
authenticate. But your redirect is welcome !
Thanks
Julien
Le 17/04/2019 à 20:57, Ray Bon a écrit :
Julien,
Check this setting:
cas.view.defaultRedirectUrl=https://${cas.server.name}/mypage
If user goes to CAS first (without a service), they get redirected to
defaultRedirectUrl.
Ray
On Wed, 2019-04-17 at 16:56 +0200, Julien Gribonvald wrote:
Hi,
Is there a simple way to force user to come from a service before to
authenticate ?
I mean before accessing to some services (not all) a user should come
from an entry point (a service on which he will be authenticated after,
like a portal), if not he should be redirected to this entry point.
If not is it the a thing to define a service policy from the service
management to do that ? Or are you seing a better way ?
Thanks,
--
Julien Gribonvald
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to cas-user+unsubscr...@apereo.org
.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/6f6cdffc229472b76ba097cf453afd8990093e18.camel%40uvic.ca
.
--
Julien Gribonvald
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/6a2a583f-13fc-53b3-486f-17f916b6c067%40recia.fr.
Re: [cas-user] Mandatory entry point before authentication
Hi,
I'm not sure it helps in your case, but we had a similar issue with
some applications:
- the application creates a session and store information before going to CAS
- the application redirects to CAS which asks password
- CAS redirects to the application
- the user clicks on "back" button
- CAS session is valid, so it goes back to the application again. In
some cases, the application is not happy to receive an expected ticket
[*]. And even if it works, the user wonders why "back" did not work
The solution we used:
- on CAS form asking for login, we added
onsubmit="ignore_on_history_back()"
function ignore_on_history_back() {
// on back, do not autolog nor prompt, go back to the app
try { window.history.replaceState({}, null,
location.href.replace('/cas/login',
'/cas/authentification-en-cours.html')) } catch (e) {}
}
- we added a static page authentification-en-cours.html
var isForward = (history.state || {}).isForward;
try {
history.replaceState({ isForward: !isForward }, null, null);
} catch (e) {}
history.go(isForward ? 1 : -1);
Page temporaire d'authentification. Nous vous redirigeons vers la
page précédente...
(cf https://cas.univ-paris1.fr/cas/authentification-en-cours.html)
[*] we have this issue with shibboleth-idp that is configured to
delegate to CAS
Julien Gribonvald a écrit :
Hi,
Is there a simple way to force user to come from a service before to
authenticate ?
I mean before accessing to some services (not all) a user should
come from an entry point (a service on which he will be
authenticated after, like a portal), if not he should be redirected
to this entry point.
If not is it the a thing to define a service policy from the service
management to do that ? Or are you seing a better way ?
Thanks,
--
Julien Gribonvald
--
Pascal Rigaux
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/20190417213915.Horde.oRKdexLMMXnxHD47I0NICSS%40courrier.univ-paris1.fr.
Re: [cas-user] Mandatory entry point before authentication
Julien,
Check this setting:
cas.view.defaultRedirectUrl=https://${cas.server.name}/mypage
If user goes to CAS first (without a service), they get redirected to
defaultRedirectUrl.
Ray
On Wed, 2019-04-17 at 16:56 +0200, Julien Gribonvald wrote:
Hi,
Is there a simple way to force user to come from a service before to
authenticate ?
I mean before accessing to some services (not all) a user should come
from an entry point (a service on which he will be authenticated after,
like a portal), if not he should be redirected to this entry point.
If not is it the a thing to define a service policy from the service
management to do that ? Or are you seing a better way ?
Thanks,
--
Julien Gribonvald
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/6f6cdffc229472b76ba097cf453afd8990093e18.camel%40uvic.ca.
[cas-user] Mandatory entry point before authentication
Hi, Is there a simple way to force user to come from a service before to authenticate ? I mean before accessing to some services (not all) a user should come from an entry point (a service on which he will be authenticated after, like a portal), if not he should be redirected to this entry point. If not is it the a thing to define a service policy from the service management to do that ? Or are you seing a better way ? Thanks, -- Julien Gribonvald -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/fff077c2-94b4-7c1e-e6f0-be4284a412f5%40recia.fr.
