You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Should commence method of CasAuthenticationEntryPoint must be a final method?
If the request is from ajax after session expired, the current commence method will send code 302 to browser, and browser will try to redirect to the cas login page. BUT if the cas server is not at the same domain as the application, browser will deny the request because of same-origin policy.
In the issue #2999 , Rob Winch shows an example to solve this problem:
Summary
Should
commence
method ofCasAuthenticationEntryPoint
must be afinal
method?If the request is from ajax after session expired, the current
commence
method will send code 302 to browser, and browser will try to redirect to the cas login page. BUT if the cas server is not at the same domain as the application, browser will deny the request because of same-origin policy.In the issue #2999 , Rob Winch shows an example to solve this problem:
This is nice, but the
commence
method ofCasAuthenticationEntryPoint
is final and I can not override it .So, maybe
commence
method ofCasAuthenticationEntryPoint
could remove thefinal
?The text was updated successfully, but these errors were encountered: