Copy link to clipboard
Copied
Does anyone if it is possible to manually set the CGI.HTTP_REFERER? If so, how do I accomplish it?
Many thanks for all the help. I got it working now. There is no issue with the <cfif IsDefined("session.mysiteShibboleth.isAuthenticated")>. It was a log in the <cfelse> that I tried to log the session variable that was not set and not exist. Thus, it throws the error.
The initial issue about unable to redirect was resolved. The issue that it keeps looping was because the way I test if the user was logged in or not is wrong. Since I'm using CommonSpot CMS, it used their isLoggedIn API and it was
...Copy link to clipboard
Copied
That's why I asked if you checked whether or not the code in authenticated.cfm is being executed. From your description, it appears it is not.
Dump the session scope on the details page before you try to access the problem structure and see for yourself whether or not it exists.
Cheers
Eddie
Copy link to clipboard
Copied
Wasn't this <cfif structKeyExists(session.mysiteShibboleth, "isAuthenticated") and (session.mysiteShibboleth.isAuthenticated) > supposed to check if the code in the authenticate.cfm is executed or not? If it's not, should this statement be false instead of error out?
Copy link to clipboard
Copied
Okay, so in the CommonSpot log, it has this exception error: Exception: Element MYSITESHIBBOLETH.ISAUTHENTICATED is undefined in SESSION.
However, wasn't the <cfif IsDefined("session.mysiteShibboleth.isAuthenticated")> supposed to account for this error and prevent it from generating?
Copy link to clipboard
Copied
Many thanks for all the help. I got it working now. There is no issue with the <cfif IsDefined("session.mysiteShibboleth.isAuthenticated")>. It was a log in the <cfelse> that I tried to log the session variable that was not set and not exist. Thus, it throws the error.
The initial issue about unable to redirect was resolved. The issue that it keeps looping was because the way I test if the user was logged in or not is wrong. Since I'm using CommonSpot CMS, it used their isLoggedIn API and it was not giving me the value I was looking for to test the user's authentication status. So, I set a session.mysiteShibboleth.isAuthenticated variable and checked for this on the details page. It now seems to work.
Copy link to clipboard
Copied
2Charlie wrote:
Same error. In my authenticted.cfm file, this is where the session is defined, I believed.
<cfif cgiReferer eq shibboleth_url>
<cfscript>
session.mysiteShibboleth = StructNew();
session.mysiteShibboleth.username=REReplace(http_header.headers.eppn, "@mysite.com","","ALL");
session.mysiteShibboleth.mail=http_header.headers.eppn;
session.mysiteShibboleth.groups=ArrayToList(REMatch('WEB\.[A-Z.-]+', http_header.headers.member));
session.mysiteShibboleth.isAuthenticated="true";
</cfscript>
</cfif>
The definition of the session variable should be unconditional. Hence,
<cfset session.mysiteShibboleth = StructNew()>
<cfif cgiReferer eq shibboleth_url>
<cfscript>
session.mysiteShibboleth.username=REReplace(http_header.headers.eppn, "@mysite.com","","ALL");
session.mysiteShibboleth.mail=http_header.headers.eppn;
session.mysiteShibboleth.groups=ArrayToList(REMatch('WEB\.[A-Z.-]+', http_header.headers.member));
session.mysiteShibboleth.isAuthenticated="true";
</cfscript>
</cfif>