Skip to end of metadata
Go to start of metadata
Table of Contents

When redirecting from the https CAS application back to an http service after authenticating successfully, IE6 presents the user with a security dialog saying "you are about to be redirected to a connection that is not secure, do you really want to do this?". We can avoid this by using javascript to perform the redirection in the client browser, instead of a server side redirect. This approach works fine for web pages, but does not work for protected image content, which will not execute the returned javascript, so we revert to a serverside redirect for this type of content.

1. Create WEB-INF/view/jsp/default/ui/redirect.jsp to perform the redirection using javascript

2. Make a redirect view available to CAS by adding it to WEB-INF/classes/default_view.properties

 3. Modify WEB-INF/login-webflow.xml to make the redirect end state use the new view




  • No labels