Access Strategy + Url Redirect CAS 5.3.9
33 views
Skip to first unread message
Raphaël CHANE
May 7, 2019, 7:59:15 AM5/7/19
to CAS Community
Hi guys, im trying to configure access strategy to a service. So I have a unauthorizedRedirectUrl, 1 requiredAttributes and 1 rejectedAttributes
"accessStrategy" : {
"@class" : "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
"enabled" : true,
"unauthorizedRedirectUrl": "https://xxx.xxx.xx/xx/acc-blocked.html",
"requiredAttributes" : {
"@class" : "java.util.HashMap",
"udlAccountStatus" : [ "java.util.HashSet", [ "Active" ] ]
},
"rejectedAttributes" : {
"@class" : "java.util.HashMap",
"udlAccountStatus" : ["java.util.HashSet", [ "Blocked" ] ]
}
}
}
But When I log in as account1 with udlAccountStatus set to "Active" it redirect me at "https://xxx.xxx.xx/xx/compte-blocked.html". But it should redirect me to my service...
Moreover is it possible to configure another unauthorizedRedirectUrl? For example my udlAccountStatus is set to "Waiting", I'd like to redirect the user to https://xxx.xxx.xx/xx/acc-waiting.html
Best regards,
"accessStrategy" : {
"@class" : "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
"enabled" : true,
"unauthorizedRedirectUrl": "https://xxx.xxx.xx/xx/acc-blocked.html",
"requiredAttributes" : {
"@class" : "java.util.HashMap",
"udlAccountStatus" : [ "java.util.HashSet", [ "Active" ] ]
},
"rejectedAttributes" : {
"@class" : "java.util.HashMap",
"udlAccountStatus" : ["java.util.HashSet", [ "Blocked" ] ]
}
}
}
But When I log in as account1 with udlAccountStatus set to "Active" it redirect me at "https://xxx.xxx.xx/xx/compte-blocked.html". But it should redirect me to my service...
Moreover is it possible to configure another unauthorizedRedirectUrl? For example my udlAccountStatus is set to "Waiting", I'd like to redirect the user to https://xxx.xxx.xx/xx/acc-waiting.html
Best regards,
Raphaël CHANE
May 13, 2019, 5:55:40 AM5/13/19
to CAS Community
Update
Now the problem is that my cas cannot validate my ST TICKET, here the log of the issue :
CAS is unable to process this request: "500:Internal Server Error"
There was an error trying to complete your request. Please notify your support desk or try again.
Apereo
is a non-profit open source software governance foundation. The CAS
software is an Apereo sponsored project and is freely downloadable and
usable by anyone. However, Apereo does not operate the systems of anyone
using the software and in most cases doesn't even know who is using it
or how to contact them unless they are an active part of the Apereo
community.
If you are having problems logging in using CAS, you will need to contact the IT staff or Help Desk of your organization for assistance.
We wish we could be more directly helpful to you.
If you are having problems logging in using CAS, you will need to contact the IT staff or Help Desk of your organization for assistance.
We wish we could be more directly helpful to you.
org.pac4j.core.exception.TechnicalException: cannot validate CAS ticket: ST-4-IXBxZlVICC4dHGHgN32TkgqV4Rccas6-1-dev at org.pac4j.cas.credentials.authenticator.CasAuthenticator.validate(CasAuthenticator.java:107)
...
Caused by: org.jasig.cas.client.validation.TicketValidationException: UNAUTHORIZED_SERVICE at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:84) at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:201) at org.pac4j.cas.credentials.authenticator.CasAuthenticator.validate(CasAuthenticator.java:72) ... 99 more
Reply all
Reply to author
Forward
0 new messages