Thanks for the pointer.

I went the KISS route ...

I added duplicate configs in my cas.properties file, one for each 
region/language defining required auto-redirect-type for each that differs 
from the original:

custom.azure.redirect-url.uk=https://www.myapp.uk
custom.azure.redirect-url.cn=https://www.myapp.cn

cas.authn.pac4j.oidc[0].azure.id=<my_client_id>
cas.authn.pac4j.oidc[0].azure.secret=<my_super_cEeKrEt>
cas.authn.pac4j.oidc[0].azure.tenant=<my_tenant>
cas.authn.pac4j.oidc[0].azure.auto-redirect-type=NONE

cas.authn.pac4j.oidc[1].azure.id=${cas.authn.pac4j.oidc[0].azure.id}
cas.authn.pac4j.oidc[1].azure.secret=${cas.authn.pac4j.oidc[0].azure.secret}
cas.authn.pac4j.oidc[1].azure.tenant=${cas.authn.pac4j.oidc[0].azure.tenant}
cas.authn.pac4j.oidc[1].azure.callback-url=${custom.azure.redirect-url.uk}/cas/login
cas.authn.pac4j.oidc[1].azure.auto-redirect-type=${cas.authn.pac4j.oidc[0].azure.auto-redirect-type}

cas.authn.pac4j.oidc[2].azure.id=${cas.authn.pac4j.oidc[0].azure.id}
cas.authn.pac4j.oidc[2].azure.secret=${cas.authn.pac4j.oidc[0].azure.secret}
cas.authn.pac4j.oidc[2].azure.tenant=${cas.authn.pac4j.oidc[0].azure.tenant}
cas.authn.pac4j.oidc[2].azure.callback-url=${custom.azure.redirect-url.cn}/cas/login
cas.authn.pac4j.oidc[2].azure.auto-redirect-type=${cas.authn.pac4j.oidc[0].azure.auto-redirect-type}

Then updated my login form to only display appropriate delegated 
button/link for the given region/language.

On Saturday, February 3, 2024 at 8:13:18 AM UTC-6 Ray Bon wrote:

> Pablo,
>
> This may give some ideas https://fawnoos.com/2017/10/23/cas-multitenancy/
>
> Ray
>
> On Fri, 2024-02-02 at 21:10 -0800, Pablo Vidaurri wrote:
>
> I have a situation where the same app is deployed on different domains, 
> each for a different region... so something like mysite.uk, mysite.jp, 
> etc. They all log into a central CAS and CAS delegates to AD.  
>
> What I need is to define the callback url depending on the service.
>
>    - I see I can define cas.authn.pac4j.oidc[0].azure.callback-url=foobar
>    but that will be used by all the domains.
>    - In loginProviders.html, it looks like I can update redirectUrl, but
>    it is being ignored and continues to use ${cas.server.prefix}/login
>
> th:attr="autoRedirectType=${#strings.toLowerCase(entry.autoRedirectType)},redirectUrl=@{${entry.redirectUrl}}"
>    - Looks like it is not supported out of the box with a service config (filter
>    for OIDC)
>
> https://apereo.github.io/cas/6.6.x/services/Configuring-Service-Custom-Properties.html#supported-properties
>
> Short of overriding a class and introducing new properties, any other 
> ideas?
>
> -psv
>
>
>
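
With the client entries chained together through ${...} references as in the reply above, the callback each delegated client actually ends up with is easy to misread. The following is an added example, not part of the original thread or of CAS: it expands the references and flags any callback-url that is not HTTPS or whose host is not in an expected set. The function names, the allowed_hosts parameter and the sample values are assumptions, and only plain ${key} references (no defaults) are handled.

```python
import re
from urllib.parse import urlsplit

# Constructed sample mirroring the thread's layout; the id is a placeholder.
SAMPLE = """\
custom.azure.redirect-url.uk=https://www.myapp.uk
custom.azure.redirect-url.cn=https://www.myapp.cn
cas.authn.pac4j.oidc[0].azure.id=CLIENT_ID_PLACEHOLDER
cas.authn.pac4j.oidc[0].azure.auto-redirect-type=NONE
cas.authn.pac4j.oidc[1].azure.id=${cas.authn.pac4j.oidc[0].azure.id}
cas.authn.pac4j.oidc[1].azure.callback-url=${custom.azure.redirect-url.uk}/cas/login
cas.authn.pac4j.oidc[2].azure.id=${cas.authn.pac4j.oidc[0].azure.id}
cas.authn.pac4j.oidc[2].azure.callback-url=${custom.azure.redirect-url.cn}/cas/login
"""

PLACEHOLDER = re.compile(r"\$\{([^}]+)\}")
CLIENT_KEY = re.compile(r"^cas\.authn\.pac4j\.oidc\[(\d+)\]\.azure\.(.+)$")

def parse(text):
    """Read key=value lines, skipping blanks and # comments."""
    props = {}
    for line in map(str.strip, text.splitlines()):
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def resolve(props, key, seen=()):
    """Expand ${other.key} references recursively; fail on cycles or unknown keys."""
    if key in seen or key not in props:
        raise ValueError(f"cannot resolve {key}")
    return PLACEHOLDER.sub(lambda m: resolve(props, m.group(1), seen + (key,)), props[key])

def audit(text, allowed_hosts):
    """Return ({index: settings}, [(index, url)] for callbacks that fail the check)."""
    props, clients, findings = parse(text), {}, []
    for key in props:
        m = CLIENT_KEY.match(key)
        if m:
            clients.setdefault(int(m.group(1)), {})[m.group(2)] = resolve(props, key)
    for idx, cfg in sorted(clients.items()):
        url = cfg.get("callback-url")
        if url is None:
            continue  # no override: client keeps the server's default callback
        parts = urlsplit(url)
        if parts.scheme != "https" or parts.hostname not in allowed_hosts:
            findings.append((idx, url))
    return clients, findings
```

Calling audit(SAMPLE, {"www.myapp.uk", "www.myapp.cn"}) returns the resolved settings per client index and an empty findings list; dropping a host from the set or changing a base URL to http makes the affected index show up in the findings.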
