No conversation state found
cantor.2 at osu.edu
Tue Dec 15 20:45:14 EST 2015
On 12/15/15, 7:18 PM, "users on behalf of Andrew Morgan" <users-bounces at shibboleth.net on behalf of morgan at orst.edu> wrote:
>Why isn't this error trapped and managed by a pretty error page?
It's a plain servlet and not MVC, so it's outside the reach of the error handling in the IdP, and I didn't consider the possible ways it might get invoked when it shouldn't be.
>Is there a way to do that?
Web server sort of approaches, probably, otherwise not without code changes. I might be able to cook up something but not really sure at this point.
>I think this is a common error condition our users will see, but please
>correct me if I'm wrong!
Not if CAS didn't permit bookmarking, which no SSO should ever allow IMHO . But of course it's not beyond the possible for somebody to still explicitly go to that location, so it's a bug. I don't know how fixable without converting it to MVC. One code fix might be to hack it to just unilaterally route back into the IdP at some location that will trigger the more usual IdP error for this when it catches that exception. Ugly, but maybe a possibility.
You could choose to use the RemoteUserInternal handler instead but with the cost that it's always going to go to CAS right up front no matter what. But that probably would trap the direct call properly.
Or of course there's not using both SSO systems.
More information about the users