Use Javascript Redirection - CAS User Manual - Jasig Wiki

• Skip to content
• Skip to breadcrumbs
• Skip to header menu
• Skip to action menu

• Skip to quick search Quick Search

• Browse

• Pages")

• Blog
• Labels
• Attachments
• Mail
• Advanced

• Activity

• What’s New

• Space Directory
• Feed Builder
• Keyboard Shortcuts")
• Confluence Gadgets
• Log In
• Sign Up

1. Dashboard")
2. CAS User Manual
3. …
4. Navigation
5. Advanced Topics
6. Use Javascript Redirection

• Tools

• Attachments (0)")

• Page History

• Restrictions

• Info

• Link to this Page…")
• View in Hierarchy
• View Source

Use Javascript Redirection

Skip to end of metadata

• Page restrictions apply
• Added by Dale Ogilvie, last edited by Dale Ogilvie on Apr 30, 2008 (view change)
• show comment hide comment Comment: Corrected links that should have been relative instead of absolute. Go to start of metadata Table of Contents

Home

Overall Architecture

• Building and Deploying
• Development
• Introduction
• Java Versions
• Releasing
• Spring Configuration
• Technical Overview
• Upgrading

Authentication

• Active Directory
• Generic
• JAAS
• JDBC
• LDAP
• Legacy
• RADIUS
• SPNEGO
• Trusted
• X.509 Certificates

Authentication Managers

• Default AuthenticationManager
• Direct Mapping AuthenticationManager

Security Policy

• Ticket Expiration Policy
• Remember Me
• Throttling Login Attempts

TicketRegistry

• BerkleyDB
• Default
• EhcacheTicketRegistry
• JBOSS TreeCache
• JDBCTicketRegistry
• JpaTicketRegistry
• MemcacheTicketRegistry
• TicketRegistry Cleaner

Testing

• Apache JMeter
• Java HttpComponents Based Test Class
• Nagios plugins

Protocols

• Add Your Custom Protocol
• Applications that Require POST Responses
• CAS
• OAuth
• OpenID
• RESTful API
• SAML 1.1
• SAML 2.0 (Google Accounts Integration)
• Single Sign Out

Advanced Topics

• Adding "Public Workstation" vs. "Private Workstation" Timeouts
• Auditing and Statistics Via Inspektr
• Internationalization
• LDAP Password Policy Enforcement
• Second-Level CAS Server
• Terracotta
• Use Javascript Redirection
• Deployment Scenarios
• Acceptable Use interface for Login Webflow
• Change Password Integration With Jasig CAS 3.4.7
• Localization

Tutorials and HOWTOs

• CAS on Windows Quick Setup Guide
• Clustering CAS
• Demo
• HOWTO Configure JBoss for HTTPS
• HOWTO Configure Single Sign On Session Timeout
• HOWTO Setup Dual Authentication in CAS - SSL Client Auth and LDAP
• HOWTO Setup LDAP GSSAPI+Kerberos Authentication in CAS
• HOWTO Switch to Sun JVM in RHEL
• End-to-end Windows Example
• HOWTO Use Jasypt to encrypt passwords in configuration files
• HOWTO utilize javax.servlet.http.HttpServletRequest isUserInRole( java.lang.String role )
• Migrating an existing CAS server installation
• Best Practice - Setting Up CAS Locally using the Maven2 WAR Overlay Method
• Deploying CAS 3.0.x in RHEL 5 with Sun Java
• HOWTO CASifying ASP.NET WebApp - ExampleWebsite
• HOWTO Configure CAS for LDAP DIGEST-MD5
• HOWTO Run Canoo Web Tests
• Shibboleth-CAS Integration

Troubleshooting

• Logging
• SSL Troubleshooting and Reference Guide

Services Management

• Adding a New Service
• Attributes
• Configuring
• Deleting
• Editing

Extensions

• ClearPass When redirecting from the https CAS application back to an http service after authenticating successfully, IE6 presents the user with a security dialog saying "you are about to be redirected to a connection that is not secure, do you really want to do this?". We can avoid this by using javascript to perform the redirection in the client browser, instead of a server side redirect. This approach works fine for web pages, but does not work for protected image content, which will not execute the returned javascript, so we revert to a serverside redirect for this type of content.

1. Create WEB-INF/view/jsp/default/ui/redirect.jsp to perform the redirection using javascript ?<%

@page

import

=

"org.jasig.cas.authentication.principal.WebApplicationService"

%>

<%

@page

import

=

"org.jasig.cas.web.support.WebUtils"

%> <%

@page

import

=

"java.net.URL"

%>

<% WebApplicationService service = (WebApplicationService) request.getAttribute(

"service"

);

String ticket = (String) request.getAttribute(

"serviceTicketId"

); String redirectURL = service.getResponse(ticket).getUrl();

boolean

serverSideRedirect =

false

; // if redirect is for an image, js or css file

URL url =

new

URL(redirectURL); String path = url.getPath();

int

dotPos = path.lastIndexOf(

"."

);

// returns -1 if not found if

( dotPos != -

1

)

{

String ext = path.substring(dotPos).toLowerCase();

serverSideRedirect =

".gif"

.equals(ext) ||

".jpg"

.equals(ext) ||

".png"

.equals(ext) ||

".js"

.equals(ext) ||

".css"

.equals(ext); }

if

( serverSideRedirect ) {

// Serverside redirect using HTTP 302

response.sendRedirect(redirectURL);

} else

{

// Client side redirect using javascript

%> <!DOCTYPE html PUBLIC

"-//W3C//DTD XHTML 1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"

>

<%

} %>

1. Make a redirect view available to CAS by adding it to WEB-INF/classes/default_view.properties

?/#/#/# Redirect view (logged in, javascript redirect to service)

redirectView.(

class

)=org.springframework.web.servlet.view.JstlView redirectView.url=/WEB-INF/view/jsp/

default

/ui/redirect.jsp

1. Modify WEB-INF/login-webflow.xml to make the redirect end state use the new view

?<end-state id=

"redirect"

view=

"redirectView"

/>

Labels:

None

Edit Labels") Powered by a free Atlassian Confluence Open Source Project License granted to Java Architectures Special Interest Group. Evaluate Confluence today. This Confluence installation runs a Free Gliffy License - Evaluate Gliffy for your Wiki!

• Powered by Atlassian Confluence 4.1.5, the Enterprise Wiki
• Printed by Atlassian Confluence 4.1.5, the Enterprise Wiki.
• · Report a bug
• · Atlassian News