Hi, How did you configure the redirection to your password management application ? In the webflow ? With an end-state ? What version of the CAS server do you use ? Thanks. Best regards, Jérôme
2013/9/9 Trenton D. Adams <[email protected]> > I never did receive a response on this. Anyone know how to do this? > > Thanks. > > On 13-07-30 05:14 PM, Trenton D. Adams wrote: > >> Hi Guys, >> >> I've tried a bunch of things with setting session attributes in CAS, but >> none of them seem to work. I have a problem where our redirect to our >> password management application works, but the user hits the back button >> and is then immediately redirected to the service they wanted to access, >> without being forced to change their password to match our rules. >> >> What I'd like to do, to solve this, is store a session variable >> indicating that they failed during authentication. Then, when the >> password manager redirects them back through CAS again, to get to their >> service, it will pass a parameter indicating that their session may >> continue. I'm not worried about people hacking that, and putting it in >> manually. I just want to prevent most users from hitting the back button. >> >> All of these work until you've proceeded to the service, but then the >> attribute is wiped, and is not seen when you return to CAS. >> >> This one works temporarily, presumably because CAS doesn't use a servlet >> container session. >> final HttpServletRequest request; >> request = >> (HttpServletRequest)context.**getExternalContext().**getNativeRequest(); >> HttpSession session = request.getSession(); >> >> >> Same here... >> context.getExternalContext().**getGlobalSessionMap().put("**autest", >> "test >> value"); >> >> Same here... >> context.getExternalContext().**getSessionMap().put("autest", "test >> value"); >> >> Same here... >> context.getFlowScope().put("**autest", "test value"); >> >> >> My class was defined as... >> public class LoginChecksAction extends AbstractAction >> >> I attempted the above in doExecute(), and used a web flow execution >> listener to log the information on every request, to see if it's working. >> >> Thanks. >> > > > -- > Trenton D. Adams > Senior Systems Analyst/Web Software Developer > Navy Penguins at your service! > Athabasca University > (780) 675-6195 > :wq! > > -- > This communication is intended for the use of the recipient to whom it > is addressed, and may contain confidential, personal, and or privileged > information. Please contact us immediately if you are not the intended > recipient of this communication, and do not copy, distribute, or take > action relying on it. Any communications received in error, or > subsequent reply, should be deleted or destroyed. > --- > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/**display/JSG/cas-user<http://www.ja-sig.org/wiki/display/JSG/cas-user> > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
