How to add a link to a new page from CAS login page

Question

I'm new to JASIG CAS and am creating some new pages that will be linked from the CAS login page (e.g., password reset, create new account). I'm not sure where to start to do this outside of creating a new JSP file for the new page's contents in WEB-INF/view/jsp/default/ui/. I've tried linking directly to the new JSP file from the casLoginView.jsp file with and without the file extension. I've also tried changing web.xml to add a new <servlet-mapping> to a <url-pattern> for my new JSP. Neither attempt has worked: instead, the link to the new JSP just reloads the login page. Thanks in advance for any suggestions!

Answer 1

After looking around for the right keywords, it looks like I have to put the new page outside of /WEB-INF for the page to be accessible. According to Java Servlet spec v2.4, page 70, the Web server cannot serve up any content under /WEB-INF. So I moved my new page to the root of /webapp outside of /WEB-INF, so now I can link to the new JSP file, including its file extension (e.g., https://localhost:8443/newPage.jsp).

Answer 2

It seems new links are secured resources and this is a reason to display login screen again. You have to change access level for new jsps to Ananymous level in securityContext.xml file.

I have done the same task. There is my part of securityContext.xml

<sec:intercept-url pattern="/changePassword.html" access="IS_AUTHENTICATED_ANONYMOUSLY"/> 
<sec:intercept-url pattern="/resetPassword.html" access="IS_AUTHENTICATED_ANONYMOUSLY"/>

Answer 3

In the last CAS server release (3.5.0), the LPPE module which deals with password reset is available. You can maybe be interested in it : https://issues.jasig.org/browse/CAS-948. Best regards, Jérôme