1 Reply Latest reply on Dec 1, 2009 9:18 AM by 719400

    SSO filter problem in Self-Service page flows


      I need to integrate Self-Service with a Jasig CAS SSO-solution. It works fine except for pages like the product configurator, check out process etc. The Self-Service page flows for these have ceased to work since I implemented the Self-Service authentication filters.

      This is a filter in the web.xml which you map to all pages that need authentication.

      An example:
      In the product configurator, step 1, when you click "next" you don't get to the next step 2, but rather back to step 1. My suspicion is that, since all the steps are handled by the same jspx - the CAS authentication filter messes up since it intercepts the request to check if the user is logged in and then redirects the user back to the url given. But something is lost on the way here.

      Does anyone have an idea for how to tackle this?

        • 1. Re: SSO filter problem in Self-Service page flows
          Here's a clarification of my problem:

          I'm facing an issue when integrating the Jasig CAS SSO with Siebel Self-Service (which is an Oracle ADF application). When applying the CAS Authentication Filters, the navigation rules and page flows in the Self-Service application cease to work.

          The Siebel Self-Service application is using adfFaces filter, adfBindings filter and the SelfService filter as controllers for the pages.

          For the integration with the Jasig CAS, a client lib is installed in the Self-Service OC4J. This CAS Client provides an "Authentication Filter" that is defined in the web.xml. The pages in Self-Service that are to be protected by this authentication filter (the pages that need user authentication in order to be accessed) are also mapped in the web.xml. This authentication filter checks the user against the CAS Server and sends back a ticket parameter with the URL if the user is logged in. This parameter is used to validate the login attempt, and on successful validation, the CAS server provides the username of the user to a bean called by the SelfServiceFilter in the Self-Service app.

          My problem is that any JSF navigation on a page (navigation rules and page flows) ceases to work as soon as a page is protected by the Authentication filter. One example would be during the check out process (which consists of several steps - several jspx pages). When you click “Next” on the first check out step, you are not redirected to step no 2, but to the same check out page as you started on.

          Since the Authentication Filter protects all the pages involved, it will intercept any request to these pages, fetch the request URL, redirect to the CAS server for user authentication, and on successful authentication it will redirect the user back to the URL that was fetched by the Authentication Filter in the first place.

          I have been looking into this, and I think that the JSF navigation rules etc. cease to work because the JSF page flows are being interrupted. When clicking “next” the page would normally post information to the life cycle of the requested page (which in some cases in this app, is also a postback to the same page). This information is then used when going through the life cycle of the new page. But when the CAS Authentication Filter intercepts the request, sends the user to the CAS server and then redirects back to the page, this page life cycle is interrupted, or the necessary data is not attached in this “new” request.

          Does anyone have an idea for how I can solve this issue?
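
A small model of the redirect round trip described in the reply above, added here as an illustration; it is not code from the poster, the CAS client or Self-Service. It assumes the filter carries only the request URL through the redirect, as the post describes; the hostnames, form field names, ticket value and the `reuse_session` switch are constructed for the example.

```python
from dataclasses import dataclass, field
from urllib.parse import urlencode, urlparse, parse_qs

CAS_LOGIN = "https://cas.example.org/cas/login"   # constructed placeholder host

@dataclass
class Request:
    method: str
    url: str
    form: dict = field(default_factory=dict)     # POST body (the JSF postback fields)
    session: dict = field(default_factory=dict)  # server-side HTTP session

def auth_filter(req, reuse_session):
    """Model of the authentication filter: ("redirect", location) or ("pass", req)."""
    if parse_qs(urlparse(req.url).query).get("ticket"):
        # Returning from CAS: stand-in for ticket validation, remember the user.
        req.session["cas_user"] = "validated-user"
        return "pass", req
    if reuse_session and "cas_user" in req.session:
        return "pass", req                       # already authenticated: postback untouched
    # Not known to be authenticated: only the URL travels to CAS, not the body.
    return "redirect", CAS_LOGIN + "?" + urlencode({"service": req.url})

def browser_follow(location, session):
    """Browser follows the redirects to CAS and back: a GET, the original body is gone."""
    service = parse_qs(urlparse(location).query)["service"][0]
    sep = "&" if "?" in service else "?"
    return Request("GET", f"{service}{sep}ticket=ST-constructed", {}, session)

def click_next(session, reuse_session):
    """Simulate clicking Next on step 1; return the request that finally reaches JSF."""
    post = Request("POST", "https://shop.example.org/checkout.jspx",
                   {"view_state": "constructed", "event": "next"}, session)
    action, result = auth_filter(post, reuse_session)
    if action == "redirect":
        _, result = auth_filter(browser_follow(result, session), reuse_session)
    return result

if __name__ == "__main__":
    lost = click_next({}, reuse_session=False)
    print(lost.method, lost.form)    # the page sees a fresh GET, so step 1 renders again
    session = {}
    click_next(session, reuse_session=True)          # first click establishes the session
    kept = click_next(session, reuse_session=True)
    print(kept.method, kept.form)    # the postback arrives intact, navigation can fire
```

When the request that reaches the page is a GET with an empty form, the JSF life cycle has no postback data to apply, which matches the "back to step 1" symptom; a first check is whether the authenticated state is actually found in the session on the postback request.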