CAS 5.0.0 SPNEGO - How to send a view after a failed authentication
170 views
Skip to first unread message
Philippe MARASSE
Aug 12, 2016, 9:31:51 AM8/12/16
to cas-...@apereo.org
Folks,
Actually, when SPNEGO authentication fails, it's falling back to login
form (wether cas.authn.spnego.send401OnAuthenticationFailure is true or
false).
But in our configuration, on a failure, we need to send a specific view.
How can I achieve that behavior ?
Regards.
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Centre Hospitalier Henri Laborit
CS 10587 - 370 avenue Jacques Cœur
86021 Poitiers Cedex
Tel : 05.49.44.57.19
Actually, when SPNEGO authentication fails, it's falling back to login
form (wether cas.authn.spnego.send401OnAuthenticationFailure is true or
false).
But in our configuration, on a failure, we need to send a specific view.
How can I achieve that behavior ?
Regards.
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Centre Hospitalier Henri Laborit
CS 10587 - 370 avenue Jacques Cœur
86021 Poitiers Cedex
Tel : 05.49.44.57.19
Misagh Moayyed
Aug 12, 2016, 11:56:37 AM8/12/16
to cas-...@apereo.org
You will likely need to adjust the login flow to account for a different view other than the default login view.
--
Misagh
Misagh
--
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To post to this group, send email to cas-...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/191f5df0-b4e1-7ce2-5f82-c6e47fbbe161%40ch-poitiers.fr.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.
Philippe MARASSE
Aug 21, 2016, 4:38:07 PM8/21/16
to cas-...@apereo.org
Thanks for your answer, but I've seen,
if I'm not mistaken, a hardcoded transition to viewloginform :
Component : cas-server-support-spnego-webflow
class : org.apereo.cas.web.flow.SpengoWebflowConfigurer
line 24 : .getTransitionSet().add(createTransition(CasWebflowConstants.TRANSITION_ID_ERROR, CasWebflowConstants.STATE_ID_VIEW_LOGIN_FORM));
If I modify login-webflow, I think it will be superseded by this class ?
Regards.
Component : cas-server-support-spnego-webflow
class : org.apereo.cas.web.flow.SpengoWebflowConfigurer
line 24 : .getTransitionSet().add(createTransition(CasWebflowConstants.TRANSITION_ID_ERROR, CasWebflowConstants.STATE_ID_VIEW_LOGIN_FORM));
If I modify login-webflow, I think it will be superseded by this class ?
Regards.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/etPan.57adf1aa.6ff49626.d48a%40unicon.net.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.
-- Philippe MARASSE Responsable pôle Infrastructures - DSIO Centre Hospitalier Henri Laborit CS 10587 - 370 avenue Jacques Coeur 86021 Poitiers Cedex Tel : 05.49.44.57.19
Misagh Moayyed
Aug 22, 2016, 3:08:56 AM8/22/16
to cas-...@apereo.org
You are to keep state in your web flow. What happens when you enter that state is up to you. Or for full form, you configure the flow dynamically.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/822c0ae7-eea3-faa1-0ce6-a2853df0ebf4%40ch-poitiers.fr.
Philippe MARASSE
Sep 2, 2016, 12:51:23 PM9/2/16
to cas-...@apereo.org
Thank you. It seems that login webflow modifications I've made do
not get overridden by Configurer class. fine.
But my new view is not rendered, I get a blank screen.
excerpt from login webflow :
<action-state id="spnego">
<evaluate expression="spnego" />
<transition on="success" to="sendTicketGrantingTicket" />
<transition on="error" to="casSpnegoErrorView" />
</action-state>
<end-state id="casSpnegoErrorView" view="casSpnegoErrorView" />
I've created a src/main/resources/templates/casSpnegoErrorView.html based on error.html found in cas-server-webapp package.
I've triggered debug on webflow, it shows that the state is reached :
2016-09-02 18:47:52,657 WARN [org.apereo.cas.web.flow.SpnegoCredentialsAction] - <SPNEGO Authorization header not found under Authorization or it does not begin with the prefix Negotiate >
2016-09-02 18:47:52,658 WARN [org.apereo.cas.web.flow.SpnegoCredentialsAction] - <No credentials detected. Navigating to error...>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing org.apereo.cas.web.flow.SpnegoCredentialsAction@3189e6; result = error>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.execution.AnnotatedAction] - <Clearing action execution attributes map[[empty]]>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing [EvaluateAction@d93334 expression = spnego, resultExpression = [null]]; result = error>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Executing [Transition@12e8efb on = error, to = casSpnegoErrorView]>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Exiting state 'spnego'>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.EndState] - <Entering state 'casSpnegoErrorView' of flow 'login'>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Completed transition execution. As a result, the flow execution has ended>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Completed transition execution. As a result, the flow execution has ended>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Completed transition execution. As a result, the flow execution has ended>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Completed transition execution. As a result, the flow execution has ended>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Completed transition execution. As a result, the flow execution has ended>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Completed transition execution. As a result, the flow execution has ended>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Completed transition execution. As a result, the flow execution has ended>
I'm sure I'm missing something...
Regards.
But my new view is not rendered, I get a blank screen.
excerpt from login webflow :
<action-state id="spnego">
<evaluate expression="spnego" />
<transition on="success" to="sendTicketGrantingTicket" />
<transition on="error" to="casSpnegoErrorView" />
</action-state>
<end-state id="casSpnegoErrorView" view="casSpnegoErrorView" />
I've created a src/main/resources/templates/casSpnegoErrorView.html based on error.html found in cas-server-webapp package.
I've triggered debug on webflow, it shows that the state is reached :
2016-09-02 18:47:52,657 WARN [org.apereo.cas.web.flow.SpnegoCredentialsAction] - <SPNEGO Authorization header not found under Authorization or it does not begin with the prefix Negotiate >
2016-09-02 18:47:52,658 WARN [org.apereo.cas.web.flow.SpnegoCredentialsAction] - <No credentials detected. Navigating to error...>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing org.apereo.cas.web.flow.SpnegoCredentialsAction@3189e6; result = error>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.execution.AnnotatedAction] - <Clearing action execution attributes map[[empty]]>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.execution.ActionExecutor] - <Finished executing [EvaluateAction@d93334 expression = spnego, resultExpression = [null]]; result = error>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Executing [Transition@12e8efb on = error, to = casSpnegoErrorView]>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Exiting state 'spnego'>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.EndState] - <Entering state 'casSpnegoErrorView' of flow 'login'>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Completed transition execution. As a result, the flow execution has ended>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Completed transition execution. As a result, the flow execution has ended>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Completed transition execution. As a result, the flow execution has ended>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Completed transition execution. As a result, the flow execution has ended>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Completed transition execution. As a result, the flow execution has ended>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Completed transition execution. As a result, the flow execution has ended>
2016-09-02 18:47:52,660 DEBUG [org.springframework.webflow.engine.Transition] - <Completed transition execution. As a result, the flow execution has ended>
I'm sure I'm missing something...
Regards.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/etPan.57baa4fb.76cff3d7.17e1c%40unicon.net.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.
-- Philippe MARASSE Responsable pôle Infrastructures - DSIO Centre Hospitalier Henri Laborit CS 10587 - 370 avenue Jacques Cœur 86021 Poitiers Cedex Tel : 05.49.44.57.19
Reply all
Reply to author
Forward
0 new messages