I'm not sure why you did this:
<decision-state id="hasServiceCheck">
<!-- <if test="${flowScope.service != null}"
then="renewRequestCheck" else="viewGenericLoginSuccess" /> -->
<if test="${flowScope.service != null}"
then="renewRequestCheck" else="startAuthenticate" />
</decision-state>
You essentially said if there is no service then start authenticating,
otherwise if there is a service do a renewRequestCheck
On Thu, Jul 30, 2009 at 12:24 PM, Bryan Wooten <[email protected]> wrote:
> I have finished developing my Opensso authentication handler (modeled
> after the X509 handler) using the overlay build method.
>
>
>
> So far everything is working great, I just can’t get the web flow to work
> as described here:
>
>
>
> http://www.ja-sig.org/wiki/display/CASUM/X.509+Certificates
>
>
>
> I am including my web flow xml. Could someone take a look at it and tell
> what I have done wrong? I will be eternally grateful.
>
>
>
> Thanks,
>
>
>
> Bryan
>
>
>
>
>
>
>
> <?xml version="1.0" encoding="UTF-8"?>
>
> <flow xmlns="http://www.springframework.org/schema/webflow";
>
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>
> xsi:schemaLocation="
>
> http://www.springframework.org/schema/webflow
>
>
> http://www.springframework.org/schema/webflow/spring-webflow-1.0.xsd";>
>
>
>
> <start-state idref="initialFlowSetup"/>
>
>
>
> <action-state id="initialFlowSetup">
>
> <action bean="initialFlowSetupAction" />
>
> <transition on="success"
> to="ticketGrantingTicketExistsCheck" />
>
>
>
>
>
> <!—If I do this I am able to prove my authenticator works, but this can’t
> be a production solution
>
> <transition on="success" to="startAuthenticate" />
>
> </action-state>
>
> -->
>
> <decision-state id="ticketGrantingTicketExistsCheck">
>
> <if
> test="${flowScope.ticketGrantingTicketId != null}" then="hasServiceCheck"
> else="gatewayRequestCheck" />
>
> </decision-state>
>
>
>
> <decision-state id="gatewayRequestCheck">
>
> <if
> test="${externalContext.requestParameterMap['gateway'] != '' &&
> externalContext.requestParameterMap['gateway'] != null &&
> flowScope.service != null}" then="redirect" else="viewLoginform" />
>
> </decision-state>
>
>
>
> <decision-state id="hasServiceCheck">
>
> <!-- <if test="${flowScope.service != null}"
> then="renewRequestCheck" else="viewGenericLoginSuccess" /> -->
>
> <if test="${flowScope.service != null}"
> then="renewRequestCheck" else="startAuthenticate" />
>
> </decision-state>
>
>
>
> <decision-state id="renewRequestCheck">
>
> <if
> test="${externalContext.requestParameterMap['renew'] != '' &&
> externalContext.requestParameterMap['renew'] != null}"
> then="startAuthenticate" else="generateServiceTicket" />
>
> </decision-state>
>
>
>
> <!--
>
> The "warn" action makes the determination
> of whether to redirect directly to the requested
>
> service or display the "confirmation" page
> to go back to the server.
>
> -->
>
> <decision-state id="warn">
>
> <if test="${flowScope.warnCookieValue}"
> then="showWarningView" else="redirect" />
>
> </decision-state>
>
>
>
> <!--
>
> <action-state id="startAuthenticate">
>
> <action bean="x509Check" />
>
> <transition on="success"
> to="sendTicketGrantingTicket" />
>
> <transition on="error" to="viewLoginForm"
> />
>
> </action-state>
>
> -->
>
>
>
> <action-state id="startAuthenticate">
>
> <action bean="accessManagerCheck" />
>
> <transition on="success"
> to="sendTicketGrantingTicket" />
>
> <transition on="error" to="viewLoginForm"
> />
>
> </action-state>
>
>
>
> <view-state id="viewLoginForm" view="casLoginView">
>
> <render-actions>
>
> <action
> bean="authenticationViaFormAction" method="setupForm"/>
>
> <action
> bean="authenticationViaFormAction" method="referenceData"/>
>
> </render-actions>
>
> <transition on="submit"
> to="bindAndValidate" />
>
> </view-state>
>
>
>
> <action-state id="bindAndValidate">
>
> <action bean="authenticationViaFormAction"
> />
>
> <transition on="success" to="submit" />
>
> <transition on="error" to="viewLoginForm"
> />
>
> </action-state>
>
>
>
> <action-state id="submit">
>
> <action bean="authenticationViaFormAction"
> method="submit" />
>
> <transition on="warn" to="warn" />
>
> <transition on="success"
> to="sendTicketGrantingTicket" />
>
> <transition on="error" to="viewLoginForm"
> />
>
> </action-state>
>
>
>
> <action-state id="sendTicketGrantingTicket">
>
> <action
> bean="sendTicketGrantingTicketAction" />
>
> <transition on="success" to="serviceCheck"
> />
>
> </action-state>
>
>
>
> <decision-state id="serviceCheck">
>
> <if test="${flowScope.service != null}"
> then="generateServiceTicket" else="viewGenericLoginSuccess" />
>
> </decision-state>
>
>
>
> <action-state id="generateServiceTicket">
>
> <action bean="generateServiceTicketAction"
> />
>
> <transition on="success" to ="warn" />
>
> <transition on="error" to="viewLoginForm"
> />
>
> <transition on="gateway" to="redirect" />
>
> </action-state>
>
>
>
> <!--
>
> the "viewGenericLogin" is the end state for
> when a user attempts to login without coming directly from a service.
>
> They have only initialized their
> single-sign on session.
>
> -->
>
> <end-state id="viewGenericLoginSuccess"
> view="casLoginGenericSuccessView" />
>
>
>
> <!--
>
> The "showWarningView" end state is the end
> state for when the user has requested privacy settings (to be "warned") to
> be turned on. It delegates to a
>
> view defines in default_views.properties
> that display the "Please click here to go to the service." message.
>
> -->
>
> <end-state id="showWarningView" view="casLoginConfirmView"
> />
>
>
>
> <!--
>
> The "redirect" end state allows CAS to
> properly end the workflow while still redirecting
>
> the user back to the service required.
>
> -->
>
> <end-state id="redirect"
> view="bean:dynamicRedirectViewSelector" />
>
>
>
> <end-state id="viewServiceErrorView"
> view="viewServiceErrorView" />
>
>
>
> <end-state id="viewServiceSsoErrorView" view="viewServiceSsoErrorView"
> />
>
>
>
> <global-transitions>
>
> <transition to="viewServiceErrorView"
> on-exception="org.springframework.webflow.execution.repository.NoSuchFlowExecutionException"
> />
>
> <transition to="viewServiceSsoErrorView"
> on-exception="org.jasig.cas.services.UnauthorizedSsoServiceException" />
>
> <transition to="viewServiceErrorView"
> on-exception="org.jasig.cas.services.UnauthorizedServiceException" />
>
> </global-transitions>
>
> </flow>
>
> --
> You are currently subscribed to [email protected] as:
> [email protected]
>
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
