Hi Misagh, The application that is generating the URLs is emailing them to users which require no encoding. When the user clicks on the URL, my load balancer redirects the URL to flow through CAS by appending the URL as a service like so
https:// cas2.domain.com/cas/login?method=POST&service=https://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX&Action=U&CDM_ID=1234567 <http://cas2.domain.com/cas/login?method=POST&service=https://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX&Action=U&CDM_ID=1234567> So in the above URL, the user clicked on the link https://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX&Action=U&CDM_ID=1234567 <http://cas2.domain.com/cas/login?method=POST&service=https://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX&Action=U&CDM_ID=1234567> and was redirected through CAS. If I do nothing and let CAS handle the service URL, the user ends up being redirected to https://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX <http://cas2.domain.com/cas/login?method=POST&service=https://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX&Action=U&CDM_ID=1234567> As these links are not always the same, I can't just redirect them to an encoded URL in our load balancer. The only other alternative would be to dig into the application's code which is not supported and attempt to have it generate encoded URL's to end users but as I said before, this is not user friendly. It seems much easier to just have CAS support a config option to allow a query string to be fully used as a service URL. Unless I am going about this all wrong? Thanks!! On Monday, September 26, 2016 at 2:58:20 PM UTC-4, Misagh Moayyed wrote: > > I realize you are asking for auto-encoding, but is there any reason the > service url is not encoded prior to submission? > > -- > Misagh > > From: Dan Roque <[email protected]> <javascript:> > Reply: Dan Roque <[email protected]> <javascript:> > Date: September 26, 2016 at 10:21:49 PM > To: CAS Community <[email protected]> <javascript:> > Subject: [cas-user] Re: Possible to auto-encode a request url passed to > CAS? > > I looked over the latest source code and found the relevant code from > 3.5.2 that I am asking about > > https:// > github.com/apereo/cas/blob/master/core/cas-server-core-services/src/main/java/org/apereo/cas/authentication/principal/WebApplicationServiceFactory.java#L32 > > Any downfalls to have some sort of config that allows ampersands to be > auto-encoded in a query string before the SimpleWebApplicationServiceImpl > object is created? So for example, if the following service URL is passed > to CAS > > https:// > test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX&Action=U&CDM_ID=1234567 > > <http://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX%26Action=U%26CDM_ID=1234567> > > > <http://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX%26Action=U%26CDM_ID=1234567>CAS > > checks the query string and auto-encodes each ampersand to %26 which would > result in > > https:// > test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX%26Action=U%26CDM_ID=1234567 > > > <http://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX%26Action=U%26CDM_ID=1234567>This > > would allow the user to be redirected to the intended service URL. This > would be done by not calling getParameter but instead calling > getQueryString() and constructing the service string from that. > > Thoughts? > > BTW, I'm currently testing CAS 3.5.2 with Tomcat 7.0.64 > > Thanks! > > On Monday, September 26, 2016 at 12:02:56 PM UTC-4, Dan Roque wrote: >> >> Hi, >> >> I'm using an application that emails links to users to view reports >> and need to redirect these links through CAS (version 3.5.2). The issue is >> that the application does not URL encode these links when sending to the >> user as there is no requirement to do so. If the URL is clicked "as-is", it >> gets redirected to CAS which will strip off any extra parameters it finds. >> I want to know if it would be possible to have CAS auto-encode the request >> URL it receives before creating the service string. Here is an example of a >> URL that is clicked by a user >> >> https:// >> test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX&Action=U&CDM_ID=1234567 >> >> I redirect this to >> >> https:// >> cas2.domain.com/cas/login?method=POST&service=https://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX&Action=U&CDM_ID=1234567 >> >> >> After the user authenticates with the above URL, the service used becomes >> >> https://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX >> >> as Action is read as another parameter due to the ampersand. I would like >> the entire URL to be used as a service and be altered to the following >> >> https:// >> test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX%26Action=U%26CDM_ID=1234567 >> >> Does CAS have the capability to auto-encode this for me? So all the '&' >> would change to '%26'. The only other alternative would be to figure out >> how to get the application itself to auto-encode the URL but users wouldn't >> have a "user-friendly" URL. >> >> I looked over the CAS 3.5.2 source code and noticed that the service is >> generated in this method within the SimpleWebApplicationServiceImpl class >> >> SimpleWebApplicationServiceImpl createServiceFrom(final >> HttpServletRequest request, final HttpClient httpClient) { ... } >> >> This is the only spot I can see where modifying the service URL would >> work. >> >> Any input is appreciated. >> >> Thanks!! >> >> Dan >> > -- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > To post to this group, send email to [email protected] <javascript:>. > Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/ > . > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/e98625b2-d88c-4497-84e7-baee138d0a69%40apereo.org > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/e98625b2-d88c-4497-84e7-baee138d0a69%40apereo.org?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/a/apereo.org/d/optout. > > -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/fbc46e83-c294-4742-8f0a-1c08219f1d8c%40apereo.org. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
