Hello CAS Community,

This entry is more about the solution than about the problem.


I’ve implemented the “*SSO Warning Session Cookie*”, described in the *CAS 
7.2.x docs* 
(https://apereo.github.io/cas/development/authentication/Configuring-SSO-Warning-Cookie.html),
in my CAS 66x server, by doing the following:

1) Configured *SSO Warning Session Cookie* properties at *cas.properties*

2) Added the HTML input described in the following CAS 4.2 documentation in 
the */login/casConfirmView.html* Thymeleaf template

<input id="warn" name="warn" value="true" tabindex="3" accesskey="A" type="checkbox">

https://unicon.github.io/cas/4.2.x/installation/User-Interface-Customization.html#warning-before-accessing-application


3) Restarted my CAS server


After the steps above, while testing this feature, I’ve had a problem.

After hitting the “Warn me!” check box on the login page, authenticating 
successfully and correctly navigating to the *casConfirmView* page, I became 
stuck at that page. Every attempt to hit continue caused the same page to 
be displayed.

After a lot of debugging and after analyzing the CAS login web flow with the 
*/actuator/springWebflow* URL, I noticed that the *showWarningView* state 
was not returning the expected “*success*”, stopping the flow from 
correctly transitioning to the *finalizeWarning* state.

Based on that observation, and after adding the following HTML input 
<input type="hidden" name="_eventId" value="success" />
to the */login/casConfirmView.html* Thymeleaf template, inside the existing 
HTML <form>, the flow now seems to work well. I think this missing input 
was a CAS 7x / 66x bug.

Although this feature has the following automated test 
https://github.com/apereo/cas/blob/39a80823bf29abcd3b1e08b63a2207728e006e49/support/cas-server-support-actions/src/test/java/org/apereo/cas/web/flow/ServiceWarningActionTests.java#L34
which I suppose is passing, I think this feature wasn’t tested manually 
(there is no warn checkbox on the default casLoginView.html template / 
loginform.html fragment), and because of that, this missing 
<input type="hidden" name="_eventId" value="success" /> issue wasn’t found.

Again, I’m not asking for help, just sharing this information with anyone 
who might find it useful.


I’m sorry for not making a pull request to CAS 7.x or CAS 6.x to be 
analyzed; I don’t have that possibility right now.


Kind regards,

Luis Costa
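
Added example (not part of the original message and not CAS project code): a small Python check that parses a Thymeleaf template and reports every <form> that does not post the Spring Web Flow event a view state is waiting for, which is the condition described above for *showWarningView*. The sample template is constructed for illustration and is not the real casConfirmView.html; the function and variable names are hypothetical.

```python
from html.parser import HTMLParser

class FlowFormChecker(HTMLParser):
    """Records, for each <form>, which Spring Web Flow event it posts (if any)."""
    def __init__(self):
        super().__init__()
        self.forms = []     # one dict per <form> seen
        self._open = None   # the form currently being parsed

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._open = {"id": a.get("id") or "(no id)",
                          "line": self.getpos()[0], "event": None}
            self.forms.append(self._open)
        elif tag in ("input", "button") and self._open is not None:
            name = a.get("name") or ""
            # Spring Web Flow reads the event from a parameter named _eventId,
            # or from a parameter whose name is _eventId_<event>.
            if name == "_eventId":
                self._open["event"] = a.get("value") or a.get("th:value")
            elif name.startswith("_eventId_"):
                self._open["event"] = name[len("_eventId_"):]

    def handle_endtag(self, tag):
        if tag == "form":
            self._open = None

def check_forms(template_text, expected_event):
    """Return (form id, line, event found) for forms not posting expected_event."""
    parser = FlowFormChecker()
    parser.feed(template_text)
    return [(f["id"], f["line"], f["event"])
            for f in parser.forms if f["event"] != expected_event]

# Constructed sample: a confirm form without the event input, then with it.
SAMPLE_BEFORE = """<form method="post" id="fm1" th:action="@{/login}">
  <input type="hidden" name="execution" th:value="${flowExecutionKey}" />
  <button type="submit">Continue</button>
</form>
"""
SAMPLE_AFTER = SAMPLE_BEFORE.replace(
    "<button",
    '<input type="hidden" name="_eventId" value="success" />\n  <button')

if __name__ == "__main__":
    for label, text in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        print(label, check_forms(text, "success"))
```

Run against customized templates after an upgrade or overlay change, this flags forms that would re-render the same view instead of advancing the flow.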
