AnsweredAssumed Answered

Web Script CAS login redirect

Question asked by nmcminn Employee on Nov 18, 2008
Latest reply on Feb 26, 2009 by nmcminn
Hello all,

We are working on a project with Liferay 5.1.2, Alfresco Labs 3b, and CAS.  So far everything is working _mostly_ as expected, but we have one vexing problem I can't seem to figure out.

We have several other web apps in which we would like to embed some of the alfresco web scripts that require authentication. I found on the forums that if you access the services via the wcservice URL, Alfresco will use whatever Authenticator is configured for the web client.  In our case this is a CAS authenticator.  Yay!  We already use CAS to provide SSO between Alfresco and Liferay, so this should be easy, right?  Just pop the service URL into an iFrame, and let CAS do its thing.

This is where things get frustrating.  The first time we hit a service, Alfresco bounces the request over to CAS (as expected).  However, the URL that Alfresco is passing to CAS in the "service" parameter is always "alfresco/faces/jsp/login.jsp".  In order for any kind of deep linking to work, Alfresco should be passing the original request URL.  Once CAS validates the ticket, it forwards the browser back to the URL in the "service" parameter.  Subsequent hits to the services work exactly as intended, without any redirects, since the CAS ticket has already been validated.

My question is:  How can I configure Alfresco to pass the original request URL to CAS in the "service" parameter, instead of the login page URL?

Thanks for any assistance you can provide.

Outcomes