conditional display/redirect

Nate Klingenstein ndk at
Wed Nov 5 16:26:46 EST 2014


> Is it possible to have a SP behave such that if a user accesses a URL while authenticated it displays or redirects in one way and if not authenticated neither redirects to the login prompt nor error page but rather displays something different or redirects to a different URL?

I don’t know of an intuitive way to do this in the SP itself, but there are thousands of examples of integrations that do what you’d like to achieve by a little conditional logic in the page rendering.

> For example, accessing a URL like /webapp/whoami might return...
> -> If authenticated, your username
> -> If not authenticated the text "not logged in”

You could try /Shibboleth.sso/Status as a simpler variant of this. 

> To extend this concept, accessing a URL like /webapp/classes might return...
> -> If authenticated, a list of _my_ classes
> -> If not authenticated, a list of all classes in the public catalog (perhaps by redirecting to /webapp/classes/public but by neither redirecting to a login prompt nor showing an error page)

That’s getting very application specific and it would be very unusual to have something like class list display determined by the SP.

> We are thinking of extending this to a set of REST endpoints that would allow authenticated users to see one thing but unauthenticated users to experience a different behavior. (Some users will never have SSO accounts, hence why we won't want to prompt everyone to login automatically.) While I'd never implement it this way I'm hoping to avoid something resembling a "send Ajax request, if HTTP 401/403 is returned do something else" pattern in JavaScript logic. Maybe I'm just over-thinking this…

I wouldn’t do this in client code, though you could.  I’d just have a simple switch in the web page rendering code along with whatever persistence/caching layer like Varnish that you may need.  Here are some examples:

Just one perspective,

More information about the users mailing list