Thanks for the response. I'll work on submitting a PR soon. Dan
On Monday, September 26, 2016 at 3:28:56 PM UTC-4, Misagh Moayyed wrote: > > Thanks for the walkthrough. I realize your predicament, but just for the > sake completeness I should point out that the per the protocol, service > urls are required to be encoded. It’s a MUST. The fact that the application > isn’t doing it is a different story. > > I am not personally enthusiastic about adding this behavior, but [as we > all have to be practical], if you wish to add it, test it and then post a > patch to make this an option, I suppose that’s fine. Or simply open up an > issue for the time being. > > -- > Misagh > > From: Dan Roque <[email protected]> <javascript:> > Reply: Dan Roque <[email protected]> <javascript:> > Date: September 26, 2016 at 10:37:00 PM > To: CAS Community <[email protected]> <javascript:> > Cc: [email protected] <javascript:> <[email protected]> <javascript:>, > [email protected] <javascript:> <[email protected]> <javascript:> > Subject: Re: [cas-user] Re: Possible to auto-encode a request url passed > to CAS? > > Hi Misagh, > > The application that is generating the URLs is emailing them to users > which require no encoding. When the user clicks on the URL, my load > balancer redirects the URL to flow through CAS by appending the URL as a > service like so > > https:// > cas2.domain.com/cas/login?method=POST&service=https://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX&Action=U&CDM_ID=1234567 > > > <http://cas2.domain.com/cas/login?method=POST&service=https://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX&Action=U&CDM_ID=1234567> > So > in the above URL, the user clicked on the link > https://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX&Action=U&CDM_ID=1234567 > > <http://cas2.domain.com/cas/login?method=POST&service=https://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX&Action=U&CDM_ID=1234567> > and > was redirected through CAS. > > If I do nothing and let CAS handle the service URL, the user ends up being > redirected to > https://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX > <http://cas2.domain.com/cas/login?method=POST&service=https://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX&Action=U&CDM_ID=1234567> > > As these links are not always the same, I can't just redirect them to an > encoded URL in our load balancer. The only other alternative would be to > dig into the application's code which is not supported and attempt to have > it generate encoded URL's to end users but as I said before, this is not > user friendly. It seems much easier to just have CAS support a config > option to allow a query string to be fully used as a service URL. Unless I > am going about this all wrong? > > Thanks!! > > On Monday, September 26, 2016 at 2:58:20 PM UTC-4, Misagh Moayyed wrote: >> >> I realize you are asking for auto-encoding, but is there any reason the >> service url is not encoded prior to submission? >> >> -- >> Misagh >> >> From: Dan Roque <[email protected]> >> Reply: Dan Roque <[email protected]> >> Date: September 26, 2016 at 10:21:49 PM >> To: CAS Community <[email protected]> >> Subject: [cas-user] Re: Possible to auto-encode a request url passed to >> CAS? >> >> I looked over the latest source code and found the relevant code from >> 3.5.2 that I am asking about >> >> https:// >> github.com/apereo/cas/blob/master/core/cas-server-core-services/src/main/java/org/apereo/cas/authentication/principal/WebApplicationServiceFactory.java#L32 >> >> Any downfalls to have some sort of config that allows ampersands to be >> auto-encoded in a query string before the SimpleWebApplicationServiceImpl >> object is created? So for example, if the following service URL is passed >> to CAS >> >> https:// >> test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX&Action=U&CDM_ID=1234567 >> >> <http://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX%26Action=U%26CDM_ID=1234567> >> >> >> <http://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX%26Action=U%26CDM_ID=1234567>CAS >> >> checks the query string and auto-encodes each ampersand to %26 which would >> result in >> >> https:// >> test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX%26Action=U%26CDM_ID=1234567 >> >> >> <http://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX%26Action=U%26CDM_ID=1234567>This >> >> would allow the user to be redirected to the intended service URL. This >> would be done by not calling getParameter but instead calling >> getQueryString() and constructing the service string from that. >> >> Thoughts? >> >> BTW, I'm currently testing CAS 3.5.2 with Tomcat 7.0.64 >> >> Thanks! >> >> On Monday, September 26, 2016 at 12:02:56 PM UTC-4, Dan Roque wrote: >>> >>> Hi, >>> >>> I'm using an application that emails links to users to view reports >>> and need to redirect these links through CAS (version 3.5.2). The issue is >>> that the application does not URL encode these links when sending to the >>> user as there is no requirement to do so. If the URL is clicked "as-is", it >>> gets redirected to CAS which will strip off any extra parameters it finds. >>> I want to know if it would be possible to have CAS auto-encode the request >>> URL it receives before creating the service string. Here is an example of a >>> URL that is clicked by a user >>> >>> https:// >>> test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX&Action=U&CDM_ID=1234567 >>> >>> I redirect this to >>> >>> https:// >>> cas2.domain.com/cas/login?method=POST&service=https://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX&Action=U&CDM_ID=1234567 >>> >>> >>> After the user authenticates with the above URL, the service used becomes >>> >>> https://test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX >>> >>> as Action is read as another parameter due to the ampersand. I would >>> like the entire URL to be used as a service and be altered to the following >>> >>> https:// >>> test.domain.com/EMPLOYEE/CDM_RPT.GBL?Page=CDM_RPT_INDEX%26Action=U%26CDM_ID=1234567 >>> >>> Does CAS have the capability to auto-encode this for me? So all the '&' >>> would change to '%26'. The only other alternative would be to figure out >>> how to get the application itself to auto-encode the URL but users wouldn't >>> have a "user-friendly" URL. >>> >>> I looked over the CAS 3.5.2 source code and noticed that the service is >>> generated in this method within the SimpleWebApplicationServiceImpl class >>> >>> SimpleWebApplicationServiceImpl createServiceFrom(final >>> HttpServletRequest request, final HttpClient httpClient) { ... } >>> >>> This is the only spot I can see where modifying the service URL would >>> work. >>> >>> Any input is appreciated. >>> >>> Thanks!! >>> >>> Dan >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To post to this group, send email to [email protected]. >> Visit this group at >> https://groups.google.com/a/apereo.org/group/cas-user/. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/e98625b2-d88c-4497-84e7-baee138d0a69%40apereo.org >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/e98625b2-d88c-4497-84e7-baee138d0a69%40apereo.org?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/a/apereo.org/d/optout. >> >> -- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > To post to this group, send email to [email protected] <javascript:>. > Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/ > . > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/fbc46e83-c294-4742-8f0a-1c08219f1d8c%40apereo.org > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/fbc46e83-c294-4742-8f0a-1c08219f1d8c%40apereo.org?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/a/apereo.org/d/optout. > > -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/7c8f7e29-ff6b-4771-8e5b-f063fed3cc8c%40apereo.org. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
