Inject query parameter to OIDC delegated login
21 views
Skip to first unread message
Pablo Vidaurri
Jan 14, 2026, 5:34:27 PM (3 days ago) Jan 14
to CAS Community
Using CAS v6.6.15.2, I was able to overlay this class DelegatedClientAuthenticationRedirectAction to look for a TARGET query parameter from cas/login?TARGET=https://foobar.com and create/inject a parameter to send via URIBuilder to the delegated login service.
Now testing this in v7.3.3, applying my same changes to do work. Instead it looks like it is not receiving the same URL in the request object but instead the URL of the CAS client redirect for the delegated login.
Anyone know of an alternate source that I can to move my logic to?
Lines I was using:
val request = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext);
String queryString = request.getQueryString();
String target = request.getParameter("TARGET");
if (target.contains("foobar/something") {
builder.addParameter("casclient", "something");
}
-psv
Ray Bon
Jan 14, 2026, 8:49:46 PM (3 days ago) Jan 14
to cas-...@apereo.org
Pablo,
With delegated login, cas becomes the 'service' to the remote authenticator.
The processing for your service would be later in the logs.
Ray
From: cas-...@apereo.org <cas-...@apereo.org> on behalf of Pablo Vidaurri <psvid...@gmail.com>
Sent: January 14, 2026 14:17
To: CAS Community <cas-...@apereo.org>
Subject: [cas-user] Inject query parameter to OIDC delegated login
Sent: January 14, 2026 14:17
To: CAS Community <cas-...@apereo.org>
Subject: [cas-user] Inject query parameter to OIDC delegated login
--
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f2e2be14-bf15-423f-bf2a-cb9a7dafee6dn%40apereo.org.
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f2e2be14-bf15-423f-bf2a-cb9a7dafee6dn%40apereo.org.
Pablo Vidaurri
Jan 14, 2026, 11:29:54 PM (3 days ago) Jan 14
to CAS Community, Ray Bon
Let me clarify, using delegated login using PAC4J OIDC
CAS login flow:
cas/login -> cas/clientredirect?client_name=foobar -> auto redirects to Azure B2C -> after login, redirect back to cas/login/AzureClient?state=123abc .... eventually back to secured resourceon cas/clientredirect, DelegatedClientAuthenticationRedirectAction is executed to where I can append dynamic query params to the B2C URL This worked well under v6.6.15.2 but it in v7.3.3, the request is not longer containing the TARGET query param, instead it is the query params are onlyy client_name and lang_cd. I am losing the TARGET query pararm.
-psv
Reply all
Reply to author
Forward
0 new messages