You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have an IdentityServer 4 application that must support multiple CAS configurations.
In order to do that, I iterate through my cas configuration and add a builder for each one of them:
public static AuthenticationBuilder AddCasAuth(this AuthenticationBuilder builder, CasSetting casSetting)
{
// Scheme must be the company identifier
builder.AddCAS(casSetting.Scheme, casSetting.DisplayName, options =>
{
options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
options.ServiceTicketValidator = new Cas20ServiceTicketValidator(options);
options.CasServerUrlBase = casSetting.BaseUrl;
// required for Cas SingleLogout
options.SaveTokens = true;
options.Events = new CasEvents
{
OnCreatingTicket = context =>
{
// ... Handle the recieved claims ...
return Task.CompletedTask;
},
OnRemoteFailure = context =>
{
// ... Handle the errors ...
return Task.CompletedTask;
}
};
});
return builder;
}
It works fine for the first element of my collection, but for the ones after, I have the following error after logging in the CAS server: State invalid or missing.
When I look at the context in the OnRemoteFailure, I find the configuration of the first element of my collection but the CAS login page matches the right element of the collection.
If I try to log in with Scheme 2, I land on the login page on https://domain2/cas, when I validate the form, I am redirected to my error page and the context of OnRemoteFailure has the Scheme 1 configuration. (hence the invalid state)
Is it supposed to be supported? Am I missing something here?
Thank you
The text was updated successfully, but these errors were encountered:
Thank you for your response, it solved my problem.
So each cas configuration must have a unique CallbackPath that defines which configuration is to be used when the callback is received?
Hello,
I have an IdentityServer 4 application that must support multiple CAS configurations.
In order to do that, I iterate through my cas configuration and add a builder for each one of them:
It works fine for the first element of my collection, but for the ones after, I have the following error after logging in the CAS server: State invalid or missing.
When I look at the context in the OnRemoteFailure, I find the configuration of the first element of my collection but the CAS login page matches the right element of the collection.
For example:
If I try to log in with Scheme 2, I land on the login page on https://domain2/cas, when I validate the form, I am redirected to my error page and the context of OnRemoteFailure has the Scheme 1 configuration. (hence the invalid state)
Is it supposed to be supported? Am I missing something here?
Thank you
The text was updated successfully, but these errors were encountered: