Hi Jerome, I am happy with the re-authentication. I was just talking about the ticket on the actual url.
On Monday, May 19, 2014 4:07:11 PM UTC+1, Jérôme LELEU wrote: > > Hi, > > If you re-authenticate in your app, you will receive a new ST to access to > your app, it's the normal flow of the CAS protocol. > > What would you expect as a behaviour? > > Thanks. > Best regards, > Jérôme > > > > 2014-05-19 13:00 GMT+02:00 chris nikitas <[email protected]<javascript:> > >: > >> Dooh!!! Of course... thanks for that! >> >> I am getting the redirection now... however when I end up to my final >> URL, I have the ticket on the url. >> >> Is there a way to remove that? >> >> On Monday, May 19, 2014 11:54:36 AM UTC+1, Jérôme LELEU wrote: >>> >>> OK. I see, typo problem: not "?renew=true", but "&renew=true"... >>> >>> >>> 2014-05-19 12:47 GMT+02:00 chris nikitas <[email protected]>: >>> >>>> Yes, so my original url is >>>> http://127.0.0.1:8080/details<http://www.google.com/url?q=http%3A%2F%2F127.0.0.1%3A8080%2Fdetails%2Fcallback%3Fclient_name%3DCasClient&sa=D&sntz=1&usg=AFQjCNHmF24lyCht6c84ldd4PI8qh36kAA> >>>> >>>> And then I try to call https://10.222.345.123: >>>> 8080/cas/login?service=http://127.0.0.1:8080/details?renew=true >>>> >>>> However it reloads the page with a new ticket like so: >>>> http://127.0.0.1:8080/details?renew=true&ticket=ST-1095- >>>> 6cHLzsFkF4NYM4NviOcgsdfsdrgdsfal >>>> >>>> But it does not prompt me to input my user credentials again. >>>> >>>> On the server side I do the following prior to calling the CAS login: >>>> >>>> HttpSession session = request.getSession(false); >>>> session.invalidate(); >>>> >>>> SecurityContext context = SecurityContextHolder.getContext(); >>>> Authentication auth = context.getAuthentication(); >>>> >>>> if (auth != null) { >>>> new SecurityContextLogoutHandler().logout(request, >>>> response, auth); >>>> } >>>> >>>> context.setAuthentication(null); >>>> >>>> >>>> On Monday, May 19, 2014 11:40:14 AM UTC+1, Jérôme LELEU wrote: >>>>> >>>>> I'm not sure I was clear enough here, but you must go to the CAS login >>>>> url with the renew=true parameter, this parameter is applied on the CAS >>>>> server side... >>>>> >>>>> >>>>> 2014-05-19 12:11 GMT+02:00 chris nikitas <[email protected]>: >>>>> >>>>>> Using the ?renew=true <http://myservice/?renew=true>.query >>>>>> parameter, it reloads the same page but does not prompt me to the CAS >>>>>> login >>>>>> page. >>>>>> >>>>>> I have a suspicion maybe the service ticket is still on the client or >>>>>> something... >>>>>> >>>>>> On Monday, May 19, 2014 10:03:23 AM UTC+1, Jérôme LELEU wrote: >>>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> I'm not exactly sure of what flow you have in mind, but you can >>>>>>> force a re-authentication (even if the user is already authenticated) >>>>>>> by >>>>>>> using the renew parameter on the login url: /cas/login?service= >>>>>>> http://myservice?renew=true. >>>>>>> Best regards, >>>>>>> Jérôme >>>>>>> >>>>>>> >>>>>>> 2014-05-19 10:58 GMT+02:00 chris nikitas <[email protected]>: >>>>>>> >>>>>>>> Hi all, >>>>>>>> >>>>>>>> My application, talks to a third-party app which keeps it's own >>>>>>>> authentication token. >>>>>>>> >>>>>>>> What I want to do is the following: >>>>>>>> >>>>>>>> If that third-party token expires, I want to force a CAS relogin >>>>>>>> (give the user the CAS login form to enter their credentials) and upon >>>>>>>> successful relogin, return to the page the were on. >>>>>>>> >>>>>>>> My app is using Spring Security and AngularJS at the front (if that >>>>>>>> makes a difference). >>>>>>>> >>>>>>>> What would be the best way to go about this? >>>>>>>> >>>>>>>> Thanks, >>>>>>>> Chris. >>>>>>>> >>>>>>>> -- >>>>>>>> You are currently subscribed to [email protected] as: >>>>>>>> [email protected] >>>>>>>> To unsubscribe, change settings or access archives, see >>>>>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>>>>>> >>>>>>>> >>>>>>> -- >>>>>>> You are currently subscribed to [email protected] as: >>>>>>> [email protected] >>>>>>> To unsubscribe, change settings or access archives, see >>>>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>>>>> >>>>>>> -- >>>>>> You are currently subscribed to [email protected] as: >>>>>> [email protected] >>>>>> To unsubscribe, change settings or access archives, see >>>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>>>> >>>>>> >>>>> -- >>>>> You are currently subscribed to [email protected] as: >>>>> [email protected] >>>>> To unsubscribe, change settings or access archives, see >>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>>> >>>>> -- >>>> You are currently subscribed to [email protected] as: >>>> [email protected] >>>> To unsubscribe, change settings or access archives, see >>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>>> >>> -- >>> You are currently subscribed to [email protected] as: >>> [email protected] >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> -- >> You are currently subscribed to [email protected] <javascript:> as: >> [email protected] <javascript:> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > -- > You are currently subscribed to [email protected] <javascript:> as: > [email protected] <javascript:> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
