We currently support SSO in our web application and work well. But, when the user is configured in SSO, but not in our web application, we have a redirect cycle.
We noticed that when this happens, webapp calls this URL:
/login.jsp?errormsg=The+User%3A+SOMEUSER+doesn%27t+exist
And my forced url configuration is as follows:
com.sun.identity.agents.config.notenforced.uri[0] = / com.sun.identity.agents.config.notenforced.uri[1] = /-*-.jsp com.sun.identity.agents.config.notenforced.uri[2] = /-*-.jsp* com.sun.identity.agents.config.notenforced.uri[3] = /-*-.jsp?* ... com.sun.identity.agents.config.notenforced.uri.invert = true
I use all jsps for verification through SSO. But, what I want to do is define a URI, for example:
- If you are making a .jsp call but it does not have the errormsg parameter, check the session through SSO;
- But if .jsp is called and the errormsg parameter is in the url, donβt check it, release it.
The thing is, can I use regular expressions for SSO URIs? Because these patterns
/ - * -. Jsp
as far as I know, are not regular expressions.
How can I create this filter?
java regex jsp single-sign-on
Oscar Calderon
source share