rbCAS / CASino

CASino is a Ruby-based Single Sign-On solution supporting the CAS standard
MIT License

Feature: redirect user after sign in #112

Closed hasanen closed 9 years ago

hasanen commented 9 years ago

As we have CASino and devise in the same app (devise handling signing up and CASino for sessions), it's really handy to have the possibility to redirect the user back to the target URL.

Made it optional so it won't break existing apps.

pencil commented 9 years ago

Thank you for your Pull Request. Unfortunately introducing new parameters to the login page is not something that is encouraged by the CAS Protocol Specification. It is also not in line with the specified "successful login":

successful login: redirect the client to the URL specified by the service parameter in a manner that will not cause the client’s credentials to be forwarded to the service. This redirection MUST result in the client issuing a GET request to the service. The request MUST include a valid service ticket, passed as the HTTP request parameter, “ticket”. See Appendix B for more information. If service was not specified, CAS MUST display a message notifying the client that it has successfully initiated a single sign-on session.

The behavior you are looking for can be achieved by adding your custom controllers to an application that is separate from CASino but uses a CAS client to authenticate with your CASino installation. You can then either use the original request URL as service parameter or store it in the session before redirecting to CASino.
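
The two options from the reply above, sketched as an added example on the client-application side (not code from CASino or from either commenter). The URLs, the /cas/callback path and all helper names are assumptions made for illustration; restricting the stored target to local paths is an added check so the value cannot send the user to another site.

```ruby
require "uri"

# Assumed values for illustration; neither appears in the thread.
CAS_LOGIN_URL = "https://cas.example.test/login"
APP_ORIGIN    = "https://app.example.test"

# Option 1: send the originally requested URL as the CAS `service` parameter.
def cas_login_redirect(service_url)
  uri = URI.parse(CAS_LOGIN_URL)
  uri.query = URI.encode_www_form(service: service_url)
  uri.to_s
end

# CAS returns the browser to `service` with ?ticket=... appended. Removing it
# recovers the exact service URL, which is needed for ticket validation and
# serves as the final landing page.
def strip_ticket(url)
  uri = URI.parse(url)
  params = URI.decode_www_form(uri.query || "").reject { |k, _| k == "ticket" }
  uri.query = params.empty? ? nil : URI.encode_www_form(params)
  uri.to_s
end

# Option 2 helper: accept only a local path as the return target. Absolute
# URLs, scheme-relative "//host" forms and backslash variants fall back to
# the default.
def safe_return_path(candidate, default = "/")
  return default unless candidate.is_a?(String)
  return default if !candidate.start_with?("/") || candidate.start_with?("//")
  return default if candidate.include?("\\")
  uri = URI.parse(candidate)
  uri.scheme.nil? && uri.host.nil? ? candidate : default
rescue URI::InvalidURIError
  default
end

# Option 2: remember the target in the session and use a fixed callback URL
# as the service.
def begin_login(session, requested_path)
  session[:return_to] = safe_return_path(requested_path)
  cas_login_redirect("#{APP_ORIGIN}/cas/callback")
end

# Once the ticket has been validated, consume the stored target exactly once.
def finish_login(session)
  session.delete(:return_to) || "/"
end
```
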