I do see this "CAS does allow options for auto-redirection of the authentication flow to a provider, if only there is a single provider available and configured." (https://apereo.github.io/cas/5.2.x/integration/Delegate-Authentication.html#user-interface). But this is such a useful feature particularly when there are multiple providers.. is there a way to turn it on for multiple providers?
On Wednesday, July 21, 2021 at 9:35:40 AM UTC-5 Alin Tomoiaga wrote: > This is the behavior that I am seeing in 5.2.7: > - if I have a single delegated idp, this works > https://myapppretectedwithcas?client_name=remoteidp1 > <https://myapppretectedwithcas/?client_name=remoteidp1>. It works great; > get redirected to remoteidp1 comes back to app, great. > > cas.authn.pac4j.cas[0].loginUrl=https://remoteidp1/cas/login > cas.authn.pac4j.cas[0].protocol=CAS20 > cas.authn.pac4j.cas[0].clientName=remoteidp1 > cas.authn.pac4j.cas[0].autoRedirect=true # not sure if this does anything > > cas.authn.pac4j.autoRedirect=true # i guess this works > > - but if I have two idps, then > https://myapppretectedwithcas?client_name=remoteidp1 > <https://myapppretectedwithcas/?client_name=remoteidp1> does not work > anymore > > cas.authn.pac4j.cas[0].loginUrl=https://remoteidp1/cas/login > cas.authn.pac4j.cas[0].protocol=CAS20 > cas.authn.pac4j.cas[0].clientName=remoteidp1 > cas.authn.pac4j.cas[0].autoRedirect=true # not sure if this does anything > > cas.authn.pac4j.autoRedirect=true # i guess this works > > cas.authn.pac4j.cas[1].loginUrl=https://remoteidp2/cas/login > cas.authn.pac4j.cas[1].protocol=CAS20 > cas.authn.pac4j.cas[1].clientName=remoteidp2 > > Now, nothing works, > this does not work meaning the user is just presented with the WAYF page, > but they are not sent to the IDPs directly > https://myapppretectedwithcas?client_name=remoteidp2 > <https://myapppretectedwithcas/?client_name=remoteidp2> > this does not work > https://myapppretectedwithcas?client_name=remoteidp1 > <https://myapppretectedwithcas/?client_name=remoteidp1> > > Thank you for your help! > Best. > > On Wednesday, July 21, 2021 at 9:00:43 AM UTC-4 Alin Tomoiaga wrote: > >> How can we skip the WAYF (choose IDP screen) when delegating to multiple >> IDPs? >> >> Consider the scenario: >> - our cas delegates to two other cas servers >> - when the use logs in, they are presented with a screen allowing them to >> choose the IDP >> - every time the user logs in, they need to choose the idp. >> - is there a way to cache/save the choice as a default and /or provide >> the user with a url that will take them directly to the desired IDP? >> >> Thanks >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/a9fc5db5-4690-45b1-9385-ce2a886594d8n%40apereo.org.
