We already managed to develop the interface. This is a simple webpage, where the client can either click on a "Connect" button, redirecting him to the CAS, or a "Local LogOn" button, which redirects him to a form to fill with local credentials. In both cases, the user is redirected to our app and logged in with correct credentials.
BUT, the client doesn't want to click on the "Connect" button, but wants to be automatically redirected to our app if he is already connected on the CAS.
The problem is, if I automatically redirect him to the CAS, the user can't use the Local LogOn way because he will be blocked on the CAS.
Is there a way to query the CAS if the user is already logged in, without redirecting him to it? Or another way to do the trick?
If you have any hint to solve this problem, it will be very much appreciated.
Thank you in advance for your future answers!
-- Ray Bon Programmer analyst Development Services, University Systems 2507218831 | CLE 019 | rb...@uvic.ca
A few things to note for this program:
- This page just acts as a demo; use it carefully and understand I am not responsible for any risk involved
- Since I have no right for https://example.client.com/check_cas, this HTML was written without concerning; before running this script you need to disable the same origin policy (You may find this link useful: https://stackoverflow.com/questions/3102819/disable-same-origin-policy-in-chrome)
  - Disabling same origin policy might cause security concerns for your browser; make sure to only access this HTML page when disabling same origin policy
- Detailed usage of this page is contained inside the code (i.e. Click on Step 1 button, then click on Step 2 button)
  - The time interval between clicking the first button and the second button should be less than 5 seconds
  - Ultimately, both step 1 and step 2 should be done via programs, hence the ticket timeout duration should not matter
index.html (The same as the attached file)
<html>
<head>
<title>Simple CAS Ticket Usage</title>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
<script type="text/javascript">
//Allow easy access to get parameter
$.urlParam = function(url, name){
    var results = new RegExp('[\?&]' + name + '=([^&#]*)').exec(url);
    if (results==null){
        return null;
    }
    else{
        return decodeURI(results[1]) || 0;
    }
}
//Allow easy access to get parameter end

$(function(){
    var casUrl = "https://their.cas.server";
    var step1Url = casUrl+"/cas/login?service=http%3A%2F%2Fexample.client.com%2Fcheck_cas";
    var step2Url = casUrl+"/cas/p3/serviceValidate?service=http%3A%2F%2Fexample.client.com%2Fcheck_cas&ticket={{TICKET_INSERT_HERE}}";

    $("#step1Url").text(step1Url);
    $("#step2Url").text(step2Url);

    /////////////////////////////////////////STEP 1 LOGIC
    $("#step1_checkCas").click(function(){
        document.getElementById('step1_iframe').src = step1Url;
    });

    $('#step1_iframe').on('load', function() {
        var step1FinalUrl = document.getElementById("step1_iframe").contentWindow.location.href;
        var ticket = $.urlParam(step1FinalUrl, 'ticket');
        $("#step1_finalUrl").val(step1FinalUrl);
        if(ticket == null){
            alert("User Not Login, please login user in the same browser");
            step2Url = casUrl+"/cas/p3/serviceValidate?service=http%3A%2F%2Fexample.client.com%2Fcheck_cas&ticket=" + "{{TICKET_INSERT_HERE}}";
        }else{
            $("#step1_Ticket").val(ticket);
            step2Url = casUrl+"/cas/p3/serviceValidate?service=http%3A%2F%2Fexample.client.com%2Fcheck_cas&ticket=" + ticket;
            $("#step2Url").text(step2Url);
        }
    });
    /////////////////////////////////////////STEP 1 LOGIC ENDS

    /////////////////////////////////////////STEP 2 LOGIC
    $("#step2_getUserInfo").click(function(){
        $.ajax({
            url: step2Url,
            type: "GET",
            dataType: "text",
            success: function(data) {
                console.log( "Step 2 Loaded: ", data );
                $("#step2_result").text(data);
            }
        });
    });
    /////////////////////////////////////////STEP 2 LOGIC ENDS
})
</script>
</head>
<body>
<p style="color:red;">Make sure to disable the same origin policy while using this html program</p>
<p>For Chrome, you can open chrome.exe like this[chrome.exe --disable-web-security --user-data-dir="D:/Chrome"]</p>
<p style="color:red;">Note: disabling the same origin policy has security concerns for your browser, please review this code first, and only use the "same origin policy disabled" browser for this page</p>
<p>For more info, read this <a href="https://stackoverflow.com/questions/3102819/disable-same-origin-policy-in-chrome">https://stackoverflow.com/questions/3102819/disable-same-origin-policy-in-chrome</a> page</p>
<h1>Step 1:</h1>
<iframe id="step1_iframe" src="" style="height: 300px;width: 500px;"></iframe><br/>
<button id="step1_checkCas">Step 1: Get Ticket </button> <br/>
[Accessing: <span id="step1Url" style="color:blue;"></span>]<br/>
Step 1 Final Url: <input id="step1_finalUrl" type="text" style="width: 700px;"/><br/>
Step 1 Ticket: <input id="step1_Ticket" type="text" style="width: 700px;"/><br/>
<h1>Step 2:</h1>
<button id="step2_getUserInfo">Step 2: Get User Information (UID)</button> <br/>
[Accessing: <span id="step2Url" style="color:blue;"></span>]<br/>
Step 2 Results:<br/>
<pre><code id="step2_result" class="xml">
</code></pre>
</body>
</html>
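The post notes that both steps should ultimately be done via programs. The following is an added example, not part of the original post, of the program side: it builds the two URLs, pulls the ticket from the redirect, and parses the serviceValidate XML including the failure case. Host names are the post's placeholders; the XML samples, the ticket value and the MALFORMED_RESPONSE code are constructed for illustration.

```javascript
// Added example, not code from the original post. CAS_BASE and SERVICE are the
// placeholder hosts used in the post; the XML samples below are constructed.
const CAS_BASE = "https://their.cas.server/cas";
const SERVICE = "http://example.client.com/check_cas";

// Step 1: URL the browser visits to obtain a service ticket.
function loginUrl(service) {
  return `${CAS_BASE}/login?service=${encodeURIComponent(service)}`;
}

// Extract the ticket from the URL CAS redirected back to (null if none).
// The CAS protocol requires service tickets to begin with "ST-".
function ticketFromRedirect(redirectUrl) {
  const ticket = new URL(redirectUrl).searchParams.get("ticket");
  return ticket && /^ST-[\w.-]+$/.test(ticket) ? ticket : null;
}

// Step 2: validation URL. The service value must be the same one sent in step 1.
function validateUrl(service, ticket) {
  return `${CAS_BASE}/p3/serviceValidate?${new URLSearchParams({ service, ticket })}`;
}

// Reduce a serviceValidate response to { ok, user } or { ok, code, message }.
// MALFORMED_RESPONSE is a local code for this example, not a CAS error code.
function parseValidation(xml) {
  const fail = /<cas:authenticationFailure\s+code="([^"]*)"\s*>([\s\S]*?)<\/cas:authenticationFailure>/.exec(xml);
  if (fail) return { ok: false, code: fail[1], message: fail[2].trim() };
  const ok = /<cas:authenticationSuccess>([\s\S]*?)<\/cas:authenticationSuccess>/.exec(xml);
  const user = ok && /<cas:user>([^<]+)<\/cas:user>/.exec(ok[1]);
  if (!user) return { ok: false, code: "MALFORMED_RESPONSE", message: "" };
  return { ok: true, user: user[1].trim() };
}

// Constructed sample responses in the CAS protocol's XML format.
const SAMPLE_SUCCESS = `<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
  <cas:authenticationSuccess>
    <cas:user>jdoe</cas:user>
  </cas:authenticationSuccess>
</cas:serviceResponse>`;
const SAMPLE_FAILURE = `<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
  <cas:authenticationFailure code="INVALID_TICKET">
    Ticket ST-1-constructed not recognized
  </cas:authenticationFailure>
</cas:serviceResponse>`;

console.log(validateUrl(SERVICE, ticketFromRedirect(SERVICE + "?ticket=ST-1-constructed")));
console.log(parseValidation(SAMPLE_SUCCESS), parseValidation(SAMPLE_FAILURE));
```

Run server-side, this needs no change to the browser's same origin policy, because the validation request is made by the application rather than by page script.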
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/92235380-351b-460e-b3de-b78f9d4f99a7%40apereo.org.