- Issue created by @Jaspreet Longia
- Assigned to Jaspreet Longia
- Merge request !32Update cas.routing.yml - added "user_is_logged_in" requirement to cas.login β (Open) created by Jaspreet Longia
- last update
4 months ago 100 pass - πΊπΈUnited States bkosborne New Jersey, USA
Going to make a new branch because this one was created with branch name 2.x and it's making it harder to review locally (I already have a branch with that name)
- Merge request !37Update cas.routing.yml - added "user_is_logged_in" requirement to cas.login β (Open) created by bkosborne
- πΊπΈUnited States bkosborne New Jersey, USA
bkosborne β changed the visibility of the branch 2.x to hidden.
- Status changed to Needs review
3 months ago 2:00pm 4 June 2024 - Issue was unassigned.
- πΊπΈUnited States bkosborne New Jersey, USA
Thanks for the review. I'll see about extending that base class!
Another thing I want to try and resolve here is this scenario:
- Authenticated user clicks a link to /cas?destination=/some/page
- User is denied access to /cas since they're already logged in
- Our subscriber intercepts the exception and redirects the user to the homepage
- The /some/page destination is lost
We have at least one site that's using this workflow for links that this patch breaks.
- Status changed to Needs work
about 1 month ago 8:15am 25 July 2024 - π·π΄Romania claudiu.cristea Arad π·π΄
Given π AccessDeniedSubscriber should extend HttpExceptionSubscriberBase RTBC is RTBC and most likely will me merged, I think we should do it also here.
i think #11 makes sense