Thanks for the followup. If you could create a ticket for this, and supply as much information as possible, I'll try to look at it and understand the implications for the session login model as it stands today. I believe I presumed that the same URL wouldn't be used for wildly different kinds of things; as you say, turning this into a list rather than a map may make all the difference.
Karl On Tue, Jun 2, 2020 at 7:34 AM <julien.massi...@francelabs.com> wrote: > Hi Karl, > > > > Thanks for your answer. > > > > The login sequence I configured was the problem but not because some part > were missing, the main problem was that I entered the same regular > expression to address two different login types : a login page and a > redirect page. > I did not check the code, but it seems that the connector saves the login > sequence into an HashMap with the login regex as key. So my redirect rule > “other-site\/cas\/login > = redirect” was overridden by the form rule “other-site\/cas\/login = > form”. This is why in the debug log, the other-site 302 response was not > recognized by the login sequence. > > > > I have modified the two rules so that the regex are different and it works > ! > > > > I hope my use case will help other people if they encounter the same > problem. > > > > Note that the solution I implemented sounds to me more like a workaround > than a solution. Let me explain: I was able to differentiate the regex > rules by removing a letter in one of them: > “other-site\/cas\/logi = redirect” vs “other-site\/cas\/login = form”. But > this does not feel like a “clean” solution > > > > Regards, > Julien > > > > > > > > *De :* Karl Wright <daddy...@gmail.com> > *Envoyé :* vendredi 29 mai 2020 22:32 > *À :* user@manifoldcf.apache.org > *Objet :* Re: Web connector login sequence > > > > Hi Julien, > > The login sequence must include all parts of the login sequence, from > initiation (the first 302 that you get when you load /site) all the way > through to the last action that sets the cookie. After the login sequence > is completed, the /site URL will be fetched again. If you need more than > one fetch to set more than one cookie, ALL the fetches must match your > description of the login sequence or it will abort early. If the cookie > gets set on a final redirection, be sure to include that redirection too. > > > > Karl > > > > > > On Fri, May 29, 2020 at 12:01 PM <julien.massi...@francelabs.com> wrote: > > Hi MCF community, > > > > I need some help with the configuration of a login sequence with the Web > connector. Here is the login sequence on a web browser : > > > > GET site/ > > 302 -> site/login > > 302 -> other-site/cas/login > > 401 other-site/cas/login > > POST other-site/cas/login (set cookie) > > 302 -> site/login?param1=value (set cookie) > > 302 -> site/login?param1=value (set cookie) > > 302 -> site/ > > > > I tested the following conf : > > > > Session: site > > site\/login = redirect > > other-site\/cas\/login = redirect > > other-site\/cas\/login = form > > username=john > > password=*** > > > > This configuration works till the form POST, after the form POST, the > first cookie is correctly retrieved by the job but then it ends up in an > infinite loop. Here are the debug logs: > > > > …. > > DEBUG 2020-05-29T15:07:25,560 (Worker thread '11') - > MCF|MCF-agent|apache.manifoldcf.connectors|WEB: For > https://other-site/cas/login, setting virtual host to other-site > > DEBUG 2020-05-29T15:07:25,560 (Worker thread '11') - > MCF|MCF-agent|apache.manifoldcf.connectors|WEB: Got an HttpClient object > after 1 ms. > > DEBUG 2020-05-29T15:07:25,560 (Worker thread '11') - > MCF|MCF-agent|apache.manifoldcf.connectors|WEB: Post method for > '/cas/login' > > ….. > > DEBUG 2020-05-29T15:07:18,442 (Worker thread '11') - > MCF|MCF-agent|apache.manifoldcf.connectors|WEB: Retrieving cookies... > > DEBUG 2020-05-29T15:07:18,442 (Worker thread '11') - > MCF|MCF-agent|apache.manifoldcf.connectors|WEB: Cookie '[version: > 0]xxxxxxxxxx > > INFO 2020-05-29T15:07:18,448 (Worker thread '11') - > MCF|MCF-agent|apache.manifoldcf.connectors|WEB: FETCH LOGIN| > https://other-site/cas/login|1590764838416+31|302|0| > <https://other-site/cas/login%7C1590764838416+31%7C302%7C0%7C> > > DEBUG 2020-05-29T15:07:18,448 (Worker thread '11') - > MCF|MCF-agent|apache.manifoldcf.connectors|WEB: Document ' > https://other-site/cas/login' did not match expected form, link, > redirection, or content for sequence 'site' > > …. > > > > It seems that the redirection after the form POST is not considered by the > job but I don’t know why. After that, there is an infinite loop where the > cookie is passed on the GET “site/login” which redirects to > “other-site/login”, but this time, when “other-site/login” get the cookie > in the request, it does not send a 302 redirect response code but a 200 OK > > > > I don’t know why there is such behavior and I would be glad to have your > advises ! > > > > Thanks for your help > > > > Julien > > > >
