On 13-09-10 02:52 AM, Jérôme LELEU wrote:
Hi,
How did you configure the redirection to your password management
application ? In the webflow ? With an end-state ?
What version of the CAS server do you use ?
Just an action, in an action-state. The action modifies the service url.
Right now, 3.4.10. The version I'm working on upgrading to, which the
changes should be incorporated with, is 3.5.2.
Thanks.
Best regards,
Jérôme
2013/9/9 Trenton D. Adams <[email protected]
<mailto:[email protected]>>
I never did receive a response on this. Anyone know how to do this?
Thanks.
On 13-07-30 05:14 PM, Trenton D. Adams wrote:
Hi Guys,
I've tried a bunch of things with setting session attributes in
CAS, but
none of them seem to work. I have a problem where our redirect
to our
password management application works, but the user hits the
back button
and is then immediately redirected to the service they wanted to
access,
without being forced to change their password to match our rules.
What I'd like to do, to solve this, is store a session variable
indicating that they failed during authentication. Then, when the
password manager redirects them back through CAS again, to get
to their
service, it will pass a parameter indicating that their session may
continue. I'm not worried about people hacking that, and
putting it in
manually. I just want to prevent most users from hitting the
back button.
All of these work until you've proceeded to the service, but
then the
attribute is wiped, and is not seen when you return to CAS.
This one works temporarily, presumably because CAS doesn't use a
servlet
container session.
final HttpServletRequest request;
request =
(HttpServletRequest)context.__getExternalContext().__getNativeRequest();
HttpSession session = request.getSession();
Same here...
context.getExternalContext().__getGlobalSessionMap().put("__autest",
"test
value");
Same here...
context.getExternalContext().__getSessionMap().put("autest",
"test value");
Same here...
context.getFlowScope().put("__autest", "test value");
My class was defined as...
public class LoginChecksAction extends AbstractAction
I attempted the above in doExecute(), and used a web flow execution
listener to log the information on every request, to see if it's
working.
Thanks.
--
Trenton D. Adams
Senior Systems Analyst/Web Software Developer
Navy Penguins at your service!
Athabasca University
(780) 675-6195
:wq!
--
This communication is intended for the use of the recipient to
whom it
is addressed, and may contain confidential, personal, and or
privileged
information. Please contact us immediately if you are not the
intended
recipient of this communication, and do not copy, distribute, or
take
action relying on it. Any communications received in error, or
subsequent reply, should be deleted or destroyed.
---
--
You are currently subscribed to [email protected]
<mailto:[email protected]> as: [email protected]
<mailto:[email protected]>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/__display/JSG/cas-user
<http://www.ja-sig.org/wiki/display/JSG/cas-user>
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
Trenton D. Adams
Senior Systems Analyst/Web Software Developer
Navy Penguins at your service!
Athabasca University
(780) 675-6195
:wq!
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
