Use Javascript Redirection
Posted onUse Javascript Redirection - CAS User Manual - Jasig Wiki
- Skip to content
- Skip to breadcrumbs
- Skip to header menu
- Skip to action menu
Skip to quick search Quick Search
Pages")
- Blog
- Labels
- Attachments
- Advanced
- Space Directory
- Feed Builder
- Keyboard Shortcuts")
- Confluence Gadgets
- Log In
- Sign Up
Use Javascript Redirection
- Page restrictions apply
- Added by Dale Ogilvie, last edited by Dale Ogilvie on Apr 30, 2008 (view change)
- show comment hide comment Comment: Corrected links that should have been relative instead of absolute. Go to start of metadata Table of Contents
Home
Overall Architecture
- Building and Deploying
- Development
- Introduction
- Java Versions
- Releasing
- Spring Configuration
- Technical Overview
- Upgrading
Authentication
Authentication Managers
Security Policy
TicketRegistry
- BerkleyDB
- Default
- EhcacheTicketRegistry
- JBOSS TreeCache
- JDBCTicketRegistry
- JpaTicketRegistry
- MemcacheTicketRegistry
- TicketRegistry Cleaner
Testing
Protocols
- Add Your Custom Protocol
- Applications that Require POST Responses
- CAS
- OAuth
- OpenID
- RESTful API
- SAML 1.1
- SAML 2.0 (Google Accounts Integration)
- Single Sign Out
Advanced Topics
- Adding "Public Workstation" vs. "Private Workstation" Timeouts
- Auditing and Statistics Via Inspektr
- Internationalization
- LDAP Password Policy Enforcement
- Second-Level CAS Server
- Terracotta
- Use Javascript Redirection
- Deployment Scenarios
- Acceptable Use interface for Login Webflow
- Change Password Integration With Jasig CAS 3.4.7
- Localization
Tutorials and HOWTOs
- CAS on Windows Quick Setup Guide
- Clustering CAS
- Demo
- HOWTO Configure JBoss for HTTPS
- HOWTO Configure Single Sign On Session Timeout
- HOWTO Setup Dual Authentication in CAS - SSL Client Auth and LDAP
- HOWTO Setup LDAP GSSAPI+Kerberos Authentication in CAS
- HOWTO Switch to Sun JVM in RHEL
- End-to-end Windows Example
- HOWTO Use Jasypt to encrypt passwords in configuration files
- HOWTO utilize javax.servlet.http.HttpServletRequest isUserInRole( java.lang.String role )
- Migrating an existing CAS server installation
- Best Practice - Setting Up CAS Locally using the Maven2 WAR Overlay Method
- Deploying CAS 3.0.x in RHEL 5 with Sun Java
- HOWTO CASifying ASP.NET WebApp - ExampleWebsite
- HOWTO Configure CAS for LDAP DIGEST-MD5
- HOWTO Run Canoo Web Tests
- Shibboleth-CAS Integration
Troubleshooting
Services Management
Extensions
- ClearPass When redirecting from the https CAS application back to an http service after authenticating successfully, IE6 presents the user with a security dialog saying "you are about to be redirected to a connection that is not secure, do you really want to do this?". We can avoid this by using javascript to perform the redirection in the client browser, instead of a server side redirect. This approach works fine for web pages, but does not work for protected image content, which will not execute the returned javascript, so we revert to a serverside redirect for this type of content.
- Create WEB-INF/view/jsp/default/ui/redirect.jsp to perform the redirection using javascript ?<%
@page
import
=
"org.jasig.cas.authentication.principal.WebApplicationService"
%>
<%
@page
import
=
"org.jasig.cas.web.support.WebUtils"
%> <%
@page
import
=
"java.net.URL"
%>
<% WebApplicationService service = (WebApplicationService) request.getAttribute(
"service"
);
String ticket = (String) request.getAttribute(
"serviceTicketId"
); String redirectURL = service.getResponse(ticket).getUrl();
boolean
serverSideRedirect =
false
; // if redirect is for an image, js or css file
URL url =
new
URL(redirectURL); String path = url.getPath();
int
dotPos = path.lastIndexOf(
"."
);
// returns -1 if not found if
( dotPos != -
1
)
{
String ext = path.substring(dotPos).toLowerCase();
serverSideRedirect =
".gif"
.equals(ext) ||
".jpg"
.equals(ext) ||
".png"
.equals(ext) ||
".js"
.equals(ext) ||
".css"
.equals(ext); }
if
( serverSideRedirect ) {
// Serverside redirect using HTTP 302
response.sendRedirect(redirectURL);
} else
{
// Client side redirect using javascript
%> <!DOCTYPE html PUBLIC
"-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"
>
<%
} %>
- Make a redirect view available to CAS by adding it to WEB-INF/classes/default_view.properties
?/#/#/# Redirect view (logged in, javascript redirect to service)
redirectView.(
class
)=org.springframework.web.servlet.view.JstlView redirectView.url=/WEB-INF/view/jsp/
default
/ui/redirect.jsp
- Modify WEB-INF/login-webflow.xml to make the redirect end state use the new view
?<end-state id=
"redirect"
view=
"redirectView"
/>
Labels:
None
Edit Labels") Powered by a free Atlassian Confluence Open Source Project License granted to Java Architectures Special Interest Group. Evaluate Confluence today. This Confluence installation runs a Free Gliffy License - Evaluate Gliffy for your Wiki!
- Powered by Atlassian Confluence 4.1.5, the Enterprise Wiki
- Printed by Atlassian Confluence 4.1.5, the Enterprise Wiki.
- · Report a bug
- · Atlassian News