Error with not logged redirection

[jusabatier]

Describe the bug

In the last release (2023.02.00-RC2-geOrchestra), the redirect if not connected function doesn't work with georchestra.

https://github.com/georchestra/mapstore2-georchestra/issues/415

To Reproduce

Steps to reproduce the behavior:

1. Open a context with specific access restriction when not logged
2. The redirect url is '/?login='
3. So we get a redirection error since the root domain isn't intercepted by georchestra

Expected behavior

We should be redirected to georchestra's CAS login, then to the context.

Screenshots

Capture vidéo du 08-08-2023 10:06:44.webm

@catmorales @MaelREBOUX @landryb @tdipisa

[landryb]

trying here from https://FQDN/mapstore/#/context/all_plugins/106 i get a proper redirection to /cas/login?service=https://FQDN/login/cas, but if logging in i'm not redirected to the previous url but to https://FQDN/header/ which is clearly not what we want either.

[landryb]

to be fully clear, from my understanding what happens is:

• /mapstore/rest/geostore/data/106 returns a 403
• then a request to https://FQDN/?login is done by mapstore
• which returns a 302 with a Location header pointing at https://FQDN/cas/login?service=https://FQDN/login/cas
• and the user is presented with the cas login page

[jusabatier]

I think you have a proper redirect because your FQDN root is handled by your security proxy ?

Here I have a Wordpress on the root of my FQDN, so only georchestra's path are proxied to SP (header, console, mapstore, etc...), so if mapstore want to be redirected to login by SP it should use /mapstore/?login

I think lot of platforms use the FQDN root as a portal not handled by georchestra's SP so a georchestra's app shoud use it's own path to trigger the login.

[landryb]

well if that's the case i think you can configure it via localConfig.json (untested but cf https://github.com/geosolutions-it/MapStore2/pull/9298)

"miscSettings": {
     "loginPage": "/?login"  // example
}

miscSettings section is just above plugins .. but looking at the code in the PR loginPage doesnt seem to be used anywhere, and it's not in the documentation near homePage so ... @dsuren1 ? was that lost during dev ?

[landryb]

it'd be nice to have an explanation of what's the usecase of homePage vs loginPage if both exist.

[dsuren1]

well if that's the case i think you can configure it via localConfig.json (untested but cf geosolutions-it/MapStore2#9298)

"miscSettings": {
     "loginPage": "/?login"  // example
}

miscSettings section is just above plugins .. but looking at the code in the PR loginPage doesnt seem to be used anywhere, and it's not in the documentation near homePage so ... @dsuren1 ? was that lost during dev ?

I have updated the referred PR to avoid confusion. That configuration is not valid and redirection is handled in geOrchestra directly. Currently redirection to login is done by appending /?login to host, probably it should be set this way /mapstore/?login to at least redirect to /mapstore upon login

[landryb]

right, got it - so that's hardcoded to /?login in https://github.com/georchestra/mapstore2-georchestra/blob/master/js/epics/login.js#L12 for now

[jusabatier]

Can it be updated to /mapstore/?login ?

Maybe a way to handle the redirect after login is to use localStorage to store the last requested context :

1. Mapstore register the requested context in localStorage before redirect to /masptore/?login
2. User is redirected to CAS, and after login to /mapstore/ (the default context)
3. If a requested context is registered in localStorage, the default context redirect to this one and remove it from localStorage

[jusabatier]

Can it be updated to /mapstore/?login ?

@tdipisa @catmorales Any news about this ?

It's very anoying as currently our users are redirected to an error page if they're not connected. This is a part of the MS2 and is currently not functional. Can you at least perform this correction to not have an error page ?

And maybe have a return for my previous suggestion ?

[tdipisa]

@jusabatier we have schedule a fix for next week. We will keep you posted. Thank you.

[tdipisa]

Update through https://github.com/georchestra/mapstore2-georchestra/pull/665#issuecomment-1835743981

[tdipisa]

@catmorales @jusabatier we didn't receive yet any feedback from you on this. Did you finally retest it? This update is also already included in the RC4 done by @f-necas

[jusabatier]

Sorry, I tested it and it work well !

The redirection happen when not logged try to access a protected context, and the user is redirected to the context once logged in. It also work with parameters (actions).