rbCAS / CASino

CASino is a Ruby-based Single Sign-On solution supporting the CAS standard
MIT License
329 stars 189 forks

Is there any way to customize the form per the requesting application? #133

Closed khelll closed 8 years ago

khelll commented 8 years ago

I want a way to show a custom form design per app:

1- One approach is to post a custom form directly to the CAS login action and get the corresponding errors.
2- Or show the current CAS login page but with a custom layout; this way I can call it via iframe.

My initial guess is that I can do the iframe approach using an HTTP param to switch or pick a different view based on it. However, I'm not sure if this is doable or if it's a good solution at all.

What do you suggest?

pencil commented 8 years ago

1- One approach is to post a custom form directly to the CAS login action and get the corresponding errors.

This will not work. The login action requires a valid Login Ticket which you can only obtain by visiting the login page prior to your login attempt.

2- Or show the current CAS login page but with a custom layout, this way I can call it via iframe.

This will work. Just be aware that the user will then be redirected within the iframe after a successful login.

khelll commented 8 years ago

1- One approach is to post a custom form directly to the CAS login action and get the corresponding errors.

This will not work. The login action requires a valid Login Ticket which you can only obtain by visiting the login page prior to your login attempt.

Could be done via page scraping and getting the RT and CSRF tokens, but that's tedious for several applications written in different languages.

2- Or show the current CAS login page but with a custom layout, this way I can call it via iframe.

This will work. Just be aware that the user will then be redirected within the iframe after a successful login.

I think we can return a JS response of:

<script> window.parent.location = '<%= request.original_fullpath() %>' </script>

This can be sent after validating the service ticket successfully.

Thanks
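An added example (not CASino's code, and not anything either participant posted) of what the "scrape the login page first" approach discussed in the two comments above actually involves: extract the hidden login-ticket and Rails CSRF fields from a fetched login page, carry the cookies over, and build the form body for the POST. The field names `lt` and `authenticity_token`, the form markup and the cookie names are assumptions constructed for the sample; CASino's real page may differ.

```ruby
require "uri"
require "cgi"

# Added example, not CASino's own code. Field names ("lt", "authenticity_token")
# and the markup below are assumptions modelled on the CAS protocol and Rails
# conventions; check the real login page before relying on them.

# Constructed sample of what a GET /login?service=... might return.
SAMPLE_LOGIN_PAGE = <<~HTML
  <form action="/login?service=https%3A%2F%2Fapp.example.com%2Fcallback" method="post">
    <input type="hidden" name="authenticity_token" value="csrf-token-abc123" />
    <input type="hidden" name="lt" value="LT-1-example" />
    <input type="text" name="username" />
    <input type="password" name="password" />
    <input type="submit" value="Login" />
  </form>
HTML

# Every hidden input on the page as a name => value hash.
def hidden_fields(html)
  html.scan(/<input\b[^>]*type="hidden"[^>]*>/i).each_with_object({}) do |tag, acc|
    name  = tag[/\bname="([^"]*)"/i, 1]
    value = tag[/\bvalue="([^"]*)"/i, 1]
    acc[CGI.unescapeHTML(name)] = CGI.unescapeHTML(value.to_s) if name
  end
end

# Where the form posts to (relative to the CAS base URL); the service
# parameter is already embedded in it by the server.
def form_action(html)
  CGI.unescapeHTML(html[/<form\b[^>]*\baction="([^"]*)"/i, 1].to_s)
end

# Form-encoded POST body: hidden fields first, then the credentials.
# Raises if no login ticket is present, because without one the login
# action rejects the POST; the ticket is single-use, so every attempt
# needs a fresh GET of the page.
def login_post_body(html, username:, password:)
  fields = hidden_fields(html)
  raise "no login ticket (lt) on the page; fetch the login page first" unless fields["lt"]
  URI.encode_www_form(fields.merge("username" => username, "password" => password))
end

# The CSRF token is bound to the Rails session cookie, so the Set-Cookie
# values from the GET must be replayed as a Cookie header on the POST.
def cookie_header(set_cookie_headers)
  set_cookie_headers.map { |c| c.split(";", 2).first.strip }.join("; ")
end
```

The raise on a missing `lt` is the check pencil describes: a POST that skips the page load has no login ticket and is refused. The cookie replay is the rest of the per-application plumbing khelll calls tedious, and it has to be repeated in every client language.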

pencil commented 8 years ago

Best practice is to redirect to the SSO as suggested by the CAS standard.
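As an added example (not code from CASino, the CAS specification or either commenter) of the redirect-based flow pencil recommends, written from the application side: send the browser to the CAS login page as a top-level navigation with the application's own URL as the `service` parameter, read the ticket off the callback, validate it with `/serviceValidate` for the identical `service` value, and parse the CAS 2.0 XML response. The `CAS_BASE` and `SERVICE` URLs and the two XML bodies are constructed samples.

```ruby
require "uri"
require "rexml/document"

# Added example, not CASino's code. CAS_BASE and SERVICE are assumptions.
CAS_BASE = "https://cas.example.com"
SERVICE  = "https://app.example.com/session/callback"
CAS_NS   = { "cas" => "http://www.yale.edu/tp/cas" }

# Step 1: the application redirects the browser (top-level, not inside an
# iframe) to the CAS login page, naming itself as the service.
def cas_login_url(service = SERVICE)
  "#{CAS_BASE}/login?" + URI.encode_www_form("service" => service)
end

# Step 2: CAS sends the browser back to service?ticket=ST-...; pull the
# ticket out of that callback URL.
def ticket_from_callback(url)
  query = URI(url).query
  return nil if query.nil?
  URI.decode_www_form(query).to_h["ticket"]
end

# Step 3: ask CAS to validate the ticket for exactly the same service
# string the login was started with; a different service is a different
# ticket as far as the server is concerned.
def cas_validate_url(ticket, service = SERVICE)
  "#{CAS_BASE}/serviceValidate?" + URI.encode_www_form("service" => service, "ticket" => ticket)
end

# Step 4: parse the CAS 2.0 XML response. Only a real
# cas:authenticationSuccess/cas:user element yields a username; a failure
# body, an unexpected document or unparsable input all yield nil.
def cas_username_from(xml)
  doc  = REXML::Document.new(xml)
  user = REXML::XPath.first(doc, "//cas:serviceResponse/cas:authenticationSuccess/cas:user", CAS_NS)
  user && user.text.strip
rescue REXML::ParseException
  nil
end

# Constructed sample responses, in the shape the CAS 2.0 protocol defines.
SUCCESS_XML = <<~XML
  <cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
    <cas:authenticationSuccess>
      <cas:user>alice</cas:user>
    </cas:authenticationSuccess>
  </cas:serviceResponse>
XML

FAILURE_XML = <<~XML
  <cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
    <cas:authenticationFailure code="INVALID_TICKET">
      Ticket ST-1-example not recognized
    </cas:authenticationFailure>
  </cas:serviceResponse>
XML
```

Because the login happens as a top-level navigation, the post-login redirect lands in the browser window rather than inside a frame, which is the behaviour pencil warned about with the iframe approach, and the user sees the CAS server's own address while typing a password. The application only ever trusts the username that comes back from its own `/serviceValidate` call, never anything the browser supplies.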