Well... If this is a necessary feature and you still haven't come up with a
solution, here an idea that might helps you. (I think
unauthorizedRedirectUrl is for other use case, hence not working, as you
have tested)
Any time user have this error "Service access denied due to missing
privileges", they will show an error on page. So it might be possible to
use Thymeleaf tricks to redirect user.
Note: The below method is not good code, but this is the only simple
solution I have think of off the top of my head.
==================================Below code are not
tested============================================
*classpath:/templates/casLoginView.hrml (inside <head> should be fine):*
<!-- th:block does not leave trace for users-->
<th:block th:if="${#fields.hasErrors('*')}">
<th:block th:each="err : ${#fields.errors('*')}" ><!--Loop through
errors-->
<script th:inline="javascript" th:if="${#fields.hasErrors('*') ==
@environment.getProperty('authenticationFailure.UnauthorizedServiceForPrincipalException')}">
window.location.href =
'http://www.example.com/the_page_you_want_your_user_to_be_redirected_to';
</script>
</th:block>
</th:block>
Then user will be redirected to this
http://www.example.com/the_page_you_want_your_user_to_be_redirected_to
page. when UnauthorizedServiceForPrincipalException error triggered.
If you want a more elegant solution, then you might look into modifying the
java code.... However, it might be more tedious.
- Andy
On Friday, 1 December 2017 23:02:48 UTC+8, crdaudt wrote:
>
> By default, if a user attempts to obtain a service ticket for a service
> that requires attributes that he/she does not have, CAS redirects them back
> to the login page with a message "Service access denied due to missing
> privileges". I wish to direct them elsewhere, because there is no point in
> the user logging in again. I attempted to use the
> "unauthorizedRedirectUrl" property, but that did not appear to have any
> affecti; unauthorized users are still directed back to the login page.
>
> I am attaching a copy of my json file. How do I send a user to a
> different URL?
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/f501c1d7-9d3d-41fa-b605-69e103c050bd%40apereo.org.
