Redirect to the right service after password reset

[lubla]

CAS 5.3:

I'm facing with this issue with the password management module:

The user navigates to a protected service page and he gets redirected to https://mycas.example.com/cas/login?service=https://myprotected.site.

Then he clicks the "Forgot Password" buttons, receives the e-mail and, following the link he eventually changes his password.

After the succesful password change it seems that the original service url is lost (the same if the password is changed upon expirtation), and the subsequent login remain on the cas site without redirecting to the original service.

Is there any way to configure CAS so as to preserve the original service url and redirecting to it after the password reset?

Many thanks in advance.

[Andy Ng]

Hi lubla,

I have looked into the HTML of CAS 6 (if CAS 6 don't have the feature, CAS 5 won't have) of the password reset success page, I don't see any preservation of service, so I guess this part is not implemented...

https://github.com/apereo/cas/blob/v6.1.1/webapp/cas-server-webapp-resources/src/main/resources/templates/casPasswordUpdateSuccessView.html

You see that in the form action here

<form method="post" id="form" class="fm-v clearfix" th:action="@{/login}">

They just point to /login without any service parameter.

So I think customization might be needed for this to be done.

Side note:

- If you only have one service, you can actually set a default service, and that will make it so, even no service in the header, user still getting redirected back to the service they should go to:

  cas.view.defaultRedirectUrl: https://www.example.com

See if the above info helps...

- Andy