Hyland Connect

sorin_postelnic · ‎01-21-2020

Hello,

We are using Alfresco Share 5.2.6 and we are using an external SSO based on Yale CAS.

Everything was working OK when we were using Alfresco 4.2, but since we migrated to 5.2.1 (and recently to 5.2.6), we are encountering every time this problem whenever a user performs a login (for the first time during a browsing session):

1) The user tries to open https://ourserver/share/

1b) The default index.jsp page performs a redirect to https://ourserver/share/page/

2) The CAS Filter intercepts the request, and redirects to the external SSO webpage

3) The user performs a successful login in the External SSO (CAS) and it is redirected back to the following URL:

https://ourserver/share/page/;jsessionid=210C2ECCDE88B1F5B074FBDD913497F9.

4) Then the default Share (Surf) handlers will try to display this page but in the end throw the error:

javax.servlet.ServletException: Could not resolve view with name ';jsessionid=210C2ECCDE88B1F5B074FBDD913497F9' in servlet with name 'Spring Surf Dispatcher Servlet'

If the user then removes from the browser addressbar everything after /share/, then the login is successful.
But this is not a real solution.

Is there any Share of Surf configuration (or something that we can do) to remove from the URL the part starting with ";...." ?

(I wonder why was it working in Alfresco 4.2, without us doing any special manipulation of the URL.)

Thank you in advance to anyone who has encountered this problem or can suggest us which configuration parameter or code we should use to make sure we don't get this error.

sorin_postelnic · ‎01-22-2020

Finally I solved it by creating a custom Filter to perform the following operation after the CAS Filter:

@Override
public void doFilter(ServletRequest sreq, ServletResponse sresp, FilterChain chain) throws IOException, ServletException {

   HttpServletRequest req = (HttpServletRequest) sreq;
   HttpServletResponse resp = (HttpServletResponse) sresp;

   // Remove from the request URL the CAS_SESSION_ID (can have different names), since it interferes with the ViewResolver
   HttpServletRequest wreq = new HttpServletRequestWrapper(req) {
      @Override
      public String getRequestURI() {
         String originalRequestURI = super.getRequestURI();
         return originalRequestURI.replaceFirst(";[^?]*", "");
      }
   };

   chain.doFilter(wreq, sresp);
}

This will simply remove everything starting with ; and to the end of the URL (or until the query-string, in case the SESSION_ID was inserted before the query-string parameters).

web.xml:

<filter-mapping>
   <filter-name>CAS filter</filter-name>
   <url-pattern>/page/*</url-pattern>
</filter-mapping>


<filter-mapping>
   <filter-name>Remove SESSION_ID Filter</filter-name>
   <url-pattern>/page/*</url-pattern>
</filter-mapping>

For the moment it works, and I hope it doesn't introduce other side-effects which I haven't thought about.

Report Inappropriate Content · ‎04-05-2020

Hi, I am facing the same problem accessing Share from external sso app.

Have you found any other solution?

Can you share with me your entire filter custom filter class?

Thank you.

hamsterz · ‎04-05-2020

Have you found any other solution?

Can you share with me your entire filter custom filter class? I am still new here, i don't know which class to implement, and where to put the class in the webapp.

Thank you.

Hyland Connect

How to remove jsessionid from rootpage url with External SSO