I am still facing the repeated login page(bug id: CAS-1318) being displayed
in the latest version of CAS.
The version I am using is CAS-4.0.1.
It happens during logout, password change actions, password recovery
options.
Kindly let me know ASAP. As we are waiting to have the latest version of
CAS to be deployed in the production environment.
Because of only this issue we had to migrate to latest version from
CAS-3.5.2.
Regards,
Ravi
On Thu, Mar 27, 2014 at 12:53 AM, Peter Kirby <lpki...@harding.edu> wrote:
> I agree with all the points made by katelme, but this simple javascript is
> quicker and worked for us. It has made the phone stop ringing (for this
> issue).
>
> Again, this is probably not the best fix for the issue, but it is working
> great for us as we only use a very small subset of what CAS can do.
>
> NOTE: My solution uses jQuery and a jQuery plugin called jQuery Cookie. If
> you google jquery and jquery cookie you should find what you need. This
> will NOT WORK without those two files included.
>
> Just call this function from your login page. Here's my javascript:
>
> function CheckCookies() {
> if($.cookie('clearedTGC')) {
> $.removeCookie('clearedTGC');
> }
> else {
> if($.cookie('CASTGC')) {
> $.removeCookie('CASTGC');
> $.cookie('clearedTGC', 'true');
> location.reload(true);
> }
> }
> }
>
>
> --
> Peter Kirby
> System and Database Administrator @ Harding University
> 501-279-4727
>
>
> On Tue, Mar 25, 2014 at 8:28 PM, KaTeLmE <kate...@gmail.com> wrote:
>
>> Hi,
>>
>> I am agree with Marvin. I think is easy and more safety implements the
>> server solution due to there are more login channels (gateway, renew...)
>> that not need a form page, So, javascript isn't a correct solution for me.
>>
>> I suggest a premature fix too much time ago (you can see the attached
>> files at https://issues.jasig.org/browse/CAS-1219). Although CAS4 and
>> mine have the same philosophy (destroy ticket and remove cookies), I prefer
>> first.
>>
>> To patch in CAS3.5, you only need...
>>
>> 1. Create java files into your cas-server overlay (
>> http://jasig.github.io/cas/current/installation/Maven-Overlay-Installation.html)
>> project with that CAS4.0 feature.
>>
>>
>> https://github.com/Jasig/cas/blob/ce14f00dacea2c90edd5a90c38750ea1f8e9f750/cas-server-webapp-support/src/main/java/org/jasig/cas/web/flow/TicketGrantingTicketCheckAction.java
>>
>> https://github.com/Jasig/cas/blob/ce14f00dacea2c90edd5a90c38750ea1f8e9f750/cas-server-webapp-support/src/main/java/org/jasig/cas/web/flow/TerminateSessionAction.java
>>
>> Only a tip. As in CAS4 the logout process has been refactored (you can
>> see one of the join-points at TerminateSessionAction), you only need change
>> in that file the line...
>>
>> WebUtils.putLogoutRequests(context,
>> this.centralAuthenticationService.destroyTicketGrantingTicket(tgtId));
>>
>> with
>>
>> this.centralAuthenticationService.destroyTicketGrantingTicket(tgtId);
>>
>>
>> 2. Modify the cas-servlet.xml to add the webflow actions. If that file
>> dont exists in your cas proyect, you need get it form the CAS5.2
>> repository. Next needed code has been extracted from CAS4 (
>> https://github.com/Jasig/cas/blob/ce14f00dacea2c90edd5a90c38750ea1f8e9f750/cas-server-webapp/src/main/webapp/WEB-INF/cas-servlet.xml):
>>
>>
>> <bean id="ticketGrantingTicketCheckAction" class="
>> <your_company_package>.cas.web.flow.TicketGrantingTicketCheckAction"
>> c:registry-ref="ticketRegistry" />
>>
>> <bean id="terminateSessionAction" class=
>> "<your_company_package>.cas.web.flow.TerminateSessionAction"
>> c:cas-ref="centralAuthenticationService"
>> c:tgtCookieGenerator-ref="ticketGrantingTicketCookieGenerator"
>> c:warnCookieGenerator-ref="warnCookieGenerator"/>
>>
>> 3. Modify the login-webflow.xml to use that actions. If that file dont
>> exists in your cas overlay proyect, you need get it form the CAS5.2
>> repository. Next needed code has been extracted from CAS4 (
>> https://github.com/Jasig/cas/blob/ce14f00dacea2c90edd5a90c38750ea1f8e9f750/cas-server-webapp/src/main/webapp/WEB-INF/login-webflow.xml).
>> ..
>> Replace (at the begining of file):
>>
>> <decision-state id="ticketGrantingTicketExistsCheck">
>> <if test="flowScope.ticketGrantingTicketId != null" then=
>> "hasServiceCheck" else="gatewayRequestCheck" />
>> </decision-state>
>> with:
>> <action-state id="ticketGrantingTicketCheck">
>> <evaluate expression=
>> "ticketGrantingTicketCheckAction.checkValidity(flowRequestContext)"/>
>> <transition on="notExists" to="gatewayRequestCheck"/>
>> <transition on="invalid" to="terminateSession"/>
>> <transition on="valid" to="hasServiceCheck"/>
>> </action-state>
>>
>> <action-state id="terminateSession">
>> <evaluate expression=
>> "terminateSessionAction.terminate(flowRequestContext)"/>
>> <transition to="generateLoginTicket"/>
>> </action-state>
>>
>> 4. Test, test, and test in local enviroment generating a overlaying war (
>> http://jasig.github.io/cas/current/installation/Maven-Overlay-Installation.html).
>> If you use the javascript method you also need to do that.
>>
>> I hope that be usefull.
>>
>>
>> 2014-03-25 18:32 GMT+01:00 Oscar Shen <oscar_s...@bcit.ca>:
>>
>>> Hi Peter,
>>>
>>>
>>>
>>> Thank you very much for sharing your solution. I am interested in
>>> implementing your solution. Frankly, I am not very familiar with javascript
>>> and not confident enough to do it on my own. Is it possible you can share
>>> you javascript code if you don’t mind.? Thank you in advance.
>>>
>>>
>>>
>>> Oscar
>>>
>>>
>>>
>>> *From:* Peter Kirby [mailto:lpki...@harding.edu]
>>> *Sent:* Thursday, March 20, 2014 10:22 AM
>>> *To:* cas-dev@lists.jasig.org
>>> *Subject:* Re: [cas-dev] bug CAS-1318 patch?
>>>
>>>
>>>
>>> To Oscar and those affected by this bug:
>>>
>>>
>>>
>>> Adding in this validity check ended up being more time consuming than I
>>> had thought it would be. That's largely due to not using Java too much.
>>> So, I did a temporary workaround for this bug and I wanted to share the
>>> idea in case it will help some others.
>>>
>>>
>>>
>>> I just added some javascript to the casLoginView.jsp page that did a
>>> check for the CASTGC cookie. If that cookie is found it just deletes that
>>> cookie, sets another cookie to flag that the CASTGC has already been
>>> deleted once, and reloads the page. Then if that other flag cookie is set
>>> it doesn't delete the CASTGC cookie so it's not an infinite loop of
>>> deleting and reloading.
>>>
>>>
>>>
>>> This may not be the best solution, supported, etc... but it's what I did
>>> and it seems to work. It's what we'll use until we're ready to move to 4.0.
>>>
>>>
>>>
>>> Peter
>>>
>>>
>>>
>>>
>>> --
>>>
>>> Peter Kirby
>>> System and Database Administrator @ Harding University
>>>
>>>
>>>
>>> On Fri, Mar 7, 2014 at 6:05 AM, Marvin Addison <marvin.addi...@gmail.com>
>>> wrote:
>>>
>>> > I would be very interested in this as well. I just recently joined
>>> this
>>> > list hoping to find a fix for this very issue. I've been
>>> experimenting with
>>> > it for two weeks straight. I'm so glad to know it's a known bug.
>>> > Unfortunately, that doesn't make the phone ring any less.
>>>
>>> I had no idea it was having that kind of impact. I believe the fix in
>>> 4.0 that was referred to is to perform a validity check on the ticket
>>> in the CASTGC cookie at the beginning of the login flow. That check is
>>> performed by a trivial flow action:
>>>
>>>
>>> https://github.com/Jasig/cas/blob/ce14f00dacea2c90edd5a90c38750ea1f8e9f750/cas-server-webapp-support/src/main/java/org/jasig/cas/web/flow/TicketGrantingTicketCheckAction.java
>>>
>>> You should be able to use that component without change and wire it
>>> into the login flow. We can consider porting that component to 3.5.x
>>> if there's interest, though our resources applied the 3.5.x branch
>>> will drop precipitously upon release of 4.0.
>>>
>>>
>>> M
>>>
>>> --
>>> You are currently subscribed to cas-dev@lists.jasig.org as:
>>> lpki...@harding.edu
>>> To unsubscribe, change settings or access archives, see
>>> http://www.ja-sig.org/wiki/display/JSG/cas-dev
>>>
>>>
>>>
>>> --
>>> You are currently subscribed to cas-dev@lists.jasig.org as:
>>> oscar_s...@bcit.ca
>>>
>>>
>>>
>>>
>>> To unsubscribe, change settings or access archives, see
>>> http://www.ja-sig.org/wiki/display/JSG/cas-dev
>>>
>>> --
>>> You are currently subscribed to cas-dev@lists.jasig.org as:
>>> kate...@gmail.com
>>>
>>>
>>> To unsubscribe, change settings or access archives, see
>>> http://www.ja-sig.org/wiki/display/JSG/cas-dev
>>>
>>>
>> --
>> You are currently subscribed to cas-dev@lists.jasig.org as:
>> lpki...@harding.edu
>> To unsubscribe, change settings or access archives, see
>> http://www.ja-sig.org/wiki/display/JSG/cas-dev
>>
>>
> --
> You are currently subscribed to cas-dev@lists.jasig.org as:
> ravikumar.sutagu...@gmail.com
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-dev
>
>
--
You are currently subscribed to cas-dev@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
