CAS Redirection

December 1, 2008

In case of Service URL:

1. CAS client, after login: doFilter -> CAS Receipt (containing the ticket) added to the session
2. CAS server redirects to the requesting service URL, i.e. the welcome page
3. DefaultCASLoginHandler handleRequest called
4. Forwarded to ProfileRepository data loading
5. Error in profile loading
6. LoginException dumped to trace
7. Session invalidated -> CAS Receipt stored in the session is lost
8. Redirected to errGrantPage.html
9. CAS doFilter called
10. Receipt not found
11. Generate a new CASReceipt (i.e. ticket) for the service: the ZZ welcome page
12. Redirect to the service URL, i.e. the welcome page
13. The same process is repeated again and again

In case of Server name:port

1. CAS client, after login: doFilter -> CAS Receipt (containing the ticket) added to the session
2. CAS server redirects to the requesting service URL, i.e. the ZZ welcome page
3. DefaultCASLoginHandler handleRequest called
4. Forwarded to ProfileRepository data loading
5. Error in profile loading
6. LoginException dumped to trace
7. Session invalidated -> CAS Receipt stored in the session is lost
8. Redirected to errGrantPage.html
9. CAS doFilter called
10. Receipt not found
11. Generate a new CASReceipt (i.e. ticket) for the service: errGrantPage.html
12. Redirect to the service URL, i.e. errGrantPage.html

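Thus the CAS server always redirects to the requesting service, which is the welcome page in the Service URL case and errGrantPage.html in the server name case. With a fixed Service URL the user is sent back to the page that invalidates the session, so the redirects never end; with the server name the user lands on the error page and the flow stops.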
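The two flows above can be reproduced with a small state model. This is an added example, not code from the CAS client or from ZZ; the `/welcome` path, the mode labels `service_url` and `server_name`, and the hop budget are assumptions made for the illustration.

```python
# Simplified model of the two flows (illustrative; not the CAS client's real code).
WELCOME = "/welcome"                 # assumed path for the welcome page
ERROR_PAGE = "/errGrantPage.html"

def service_for(mode, requested):
    """Fixed service URL pins the service; server name derives it from the request."""
    return WELCOME if mode == "service_url" else requested

def trace(mode, max_hops=10):
    """Follow the redirects after login; return (pages served, redirect loop?)."""
    session = {}                     # the user's HTTP session
    requested, served = WELCOME, []
    for _ in range(max_hops):
        # CAS filter (doFilter): no receipt in the session means a new ticket
        # is issued for the configured service and the browser is sent there.
        if "receipt" not in session:
            target = service_for(mode, requested)
            session["receipt"] = "ticket-for-" + target
            requested = target
        served.append(requested)
        # Application: the welcome page runs the login handler, profile
        # loading fails, the session (and its receipt) is invalidated.
        if requested == WELCOME:
            session.clear()
            requested = ERROR_PAGE   # redirect to the error page
            continue
        return served, False         # error page rendered, flow ends
    return served, True              # hop budget exhausted: redirect loop

if __name__ == "__main__":
    for mode in ("service_url", "server_name"):
        pages, looped = trace(mode)
        print(mode, "loop" if looped else "terminates", pages)
```

In the `service_url` run the error page is requested on every pass but never served, because the filter replaces the request with a redirect to the fixed service before the page renders.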

I think – if ZZ takes the approach of redirecting to errorPage first – and on the render method of the error page –
1. Giving a timer on the error page – to the user that he doesn't have rights and would be redirected to the logout page
2. Invalidating the session and redirecting to the CAS Logout page – after a few seconds.
