Hi, If you re-authenticate in your app, you will receive a new ST to access to your app, it's the normal flow of the CAS protocol.
What would you expect as a behaviour? Thanks. Best regards, Jérôme 2014-05-19 13:00 GMT+02:00 chris nikitas <[email protected]>: > Dooh!!! Of course... thanks for that! > > I am getting the redirection now... however when I end up to my final URL, > I have the ticket on the url. > > Is there a way to remove that? > > On Monday, May 19, 2014 11:54:36 AM UTC+1, Jérôme LELEU wrote: >> >> OK. I see, typo problem: not "?renew=true", but "&renew=true"... >> >> >> 2014-05-19 12:47 GMT+02:00 chris nikitas <[email protected]>: >> >>> Yes, so my original url is >>> http://127.0.0.1:8080/details<http://www.google.com/url?q=http%3A%2F%2F127.0.0.1%3A8080%2Fdetails%2Fcallback%3Fclient_name%3DCasClient&sa=D&sntz=1&usg=AFQjCNHmF24lyCht6c84ldd4PI8qh36kAA> >>> >>> And then I try to call https://10.222.345.123: >>> 8080/cas/login?service=http://127.0.0.1:8080/details?renew=true >>> >>> However it reloads the page with a new ticket like so: >>> http://127.0.0.1:8080/details?renew=true&ticket=ST-1095- >>> 6cHLzsFkF4NYM4NviOcgsdfsdrgdsfal >>> >>> But it does not prompt me to input my user credentials again. >>> >>> On the server side I do the following prior to calling the CAS login: >>> >>> HttpSession session = request.getSession(false); >>> session.invalidate(); >>> >>> SecurityContext context = SecurityContextHolder.getContext(); >>> Authentication auth = context.getAuthentication(); >>> >>> if (auth != null) { >>> new SecurityContextLogoutHandler().logout(request, >>> response, auth); >>> } >>> >>> context.setAuthentication(null); >>> >>> >>> On Monday, May 19, 2014 11:40:14 AM UTC+1, Jérôme LELEU wrote: >>>> >>>> I'm not sure I was clear enough here, but you must go to the CAS login >>>> url with the renew=true parameter, this parameter is applied on the CAS >>>> server side... >>>> >>>> >>>> 2014-05-19 12:11 GMT+02:00 chris nikitas <[email protected]>: >>>> >>>>> Using the ?renew=true <http://myservice/?renew=true>.query parameter, >>>>> it reloads the same page but does not prompt me to the CAS login page. >>>>> >>>>> I have a suspicion maybe the service ticket is still on the client or >>>>> something... >>>>> >>>>> On Monday, May 19, 2014 10:03:23 AM UTC+1, Jérôme LELEU wrote: >>>>>> >>>>>> Hi, >>>>>> >>>>>> I'm not exactly sure of what flow you have in mind, but you can force >>>>>> a re-authentication (even if the user is already authenticated) by using >>>>>> the renew parameter on the login url: /cas/login?service=http://myse >>>>>> rvice?renew=true. >>>>>> Best regards, >>>>>> Jérôme >>>>>> >>>>>> >>>>>> 2014-05-19 10:58 GMT+02:00 chris nikitas <[email protected]>: >>>>>> >>>>>>> Hi all, >>>>>>> >>>>>>> My application, talks to a third-party app which keeps it's own >>>>>>> authentication token. >>>>>>> >>>>>>> What I want to do is the following: >>>>>>> >>>>>>> If that third-party token expires, I want to force a CAS relogin >>>>>>> (give the user the CAS login form to enter their credentials) and upon >>>>>>> successful relogin, return to the page the were on. >>>>>>> >>>>>>> My app is using Spring Security and AngularJS at the front (if that >>>>>>> makes a difference). >>>>>>> >>>>>>> What would be the best way to go about this? >>>>>>> >>>>>>> Thanks, >>>>>>> Chris. >>>>>>> >>>>>>> -- >>>>>>> You are currently subscribed to [email protected] as: >>>>>>> [email protected] >>>>>>> To unsubscribe, change settings or access archives, see >>>>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>>>>> >>>>>>> >>>>>> -- >>>>>> You are currently subscribed to [email protected] as: >>>>>> [email protected] >>>>>> To unsubscribe, change settings or access archives, see >>>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>>>> >>>>>> -- >>>>> You are currently subscribed to [email protected] as: >>>>> [email protected] >>>>> To unsubscribe, change settings or access archives, see >>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>>> >>>>> >>>> -- >>>> You are currently subscribed to [email protected] as: >>>> [email protected] >>>> To unsubscribe, change settings or access archives, see >>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>>> -- >>> You are currently subscribed to [email protected] as: [email protected] >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
