Views
The views are found at src/main/resources/templates
which is a location within the CAS web application itself.
Views also may be externalized outside the web application conditionally and individually, provided the external path
via CAS settings. If a view template file is not found at the externalized path, the default one that ships with CAS will be used as the fallback.
Views may also be found using an external URL in CAS settings that is responsible to produce the full view body in the response. This URL endpoint will receive the available request headers as well as the following headers in its request:
Header |
---|
owner |
template |
resource |
theme , if available |
locale , if available |
Upon a successful 200
status result, the response body is expected to contain the view that will be rendered by CAS.
To see the relevant list of CAS properties, please review this guide.
Warning Before Accessing Application
CAS has the ability to warn the user before being redirected to the service. This allows users to be made aware whenever an application uses CAS to log them in. (If they don’t elect the warning, they may not see any CAS screen when accessing an application that successfully relies upon an existing CAS single sign-on session.) Some CAS adopters remove the ‘warn’ checkbox in the CAS login view and don’t offer this interstitial advisement that single sign-on is happening.
1
2
3
4
5
6
7
8
9
...
<input id="warn"
name="warn"
value="true"
tabindex="3"
th:accesskey="#{screen.welcome.label.warn.accesskey}"
type="checkbox" />
<label for="warn" th:utext="#{screen.welcome.label.warn}"/>
...
“I am at a public workstation” authentication
CAS has the ability to allow the user to opt-out of SSO, by indicating on the login page that the authentication is happening at a public workstation. By electing to do so, CAS will not honor the subsequent SSO session and will not generate the TGC that is designed to do so.
1
2
3
4
5
6
7
...
<input id="publicWorkstation"
name="publicWorkstation"
value="false" tabindex="4"
type="checkbox" />
<label for="publicWorkstation" th:utext="#{screen.welcome.label.publicstation}"/>
...
Default Service
In the event that no service
is submitted to CAS, you may specify a default
service url to which CAS will redirect. Note that this default service, much like
all other services, MUST be authorized and registered with CAS.
To see the relevant list of CAS properties, please review this guide.