Now, when cas-authentication tries to assemble the target URL which it should redirect to once the authentication cycle has been successfully finished, it will request something like
http://SERVER.name/general?ticket...
which obvisouly cannot be resolved by the backend.
Solution: use req.originalUrl instead. I didn't file a PR yet because I am not sure if there are any side effects. If there is no reasoning against it, req.originalUrl should be used throughout.
Otherwise, cas-authentication cannot be used for a clean node express server with hierarchical routers without change.
When used in a node backend with hierarchical routers, the req.url will be stripped off of any "mount points".
For instance, if the node express server defines a sub-router like this:
and in
detailsRouter, the following route is defined:then
cas.bounceand any other middleware function will see the following properties ofreq:So, the "mount point"
/generalhas been stripped off in the sub-router (see http://expressjs.com/de/api.html#req.originalUrl).Now, when cas-authentication tries to assemble the target URL which it should redirect to once the authentication cycle has been successfully finished, it will request something like
which obvisouly cannot be resolved by the backend.
Solution: use
req.originalUrlinstead. I didn't file a PR yet because I am not sure if there are any side effects. If there is no reasoning against it,req.originalUrlshould be used throughout.Otherwise,
cas-authenticationcannot be used for a clean node express server with hierarchical routers without change.