Forum Discussion

Boss

11 years ago

Page Initialisation - Cookie Detection

We're looking at implementing a page initialisation script in our environment which detects users who happen to have our SSO cookie present but not the lithium cookie used to indicate the user is logged in.

The reason for this is that we find users who log into other SSO enabled sites/services then navigate to the community are logged in to SSO but not the community.

Users detected in this scenario would be redirected through our SSO login page which would drop the required lithiumSSO cookie and bounce the user back to the community to sign them in.

We've not had much luck creating a page initialisation script in our stage environment so far and are wondering where we're going wrong.

Conditions: User must have a cookie with the name "mainsiteSSO" is present and the community must still see the user as anonymous.

Action: redirect the user through the SSO login page for the community.

Current code:

<#assign has_sso_cookie = response.cookies.name.get("mainsiteSSO") />

<#if user.anonymous && has_sso_cookie == "true" >
${http.response.setRedirectUrl(webUi.getUserLoginPageUrl)}
</#if>

Any help would be greatly appreciated.

Thanks,

Rob

nathan

11 years ago

What error do you get?

You could also try getting the cookie via http.request.cookies:

<#assign has_sso_cookie = http.request.cookies.name.get("mainsiteSSO") />

<#if user.anonymous && has_sso_cookie?? >
${http.response.setRedirectUrl(webUi.getUserLoginPageUrl)}
</#if>

nathan
Executive
11 years ago
I think the issue is that response.cookies.name.get returns a cookie object (if it exists) or null, rather than a boolean or string. So you need to check whether has_sso_cookie is null:
<#assign has_sso_cookie = response.cookies.name.get("mainsiteSSO") /> <#if user.anonymous && has_sso_cookie?? > ${http.response.setRedirectUrl(webUi.getUserLoginPageUrl)} </#if>
- RobertT
  Boss
  11 years ago
  Hi Nathan,
  
  Thanks for that, tried the above example and for some reason it still doesn't work. If we set the script to remove the check on whether the cookie is present it works but as soon as we put that check in the script no longer runs when the conditions are correct.
  - nathan
    Executive
    11 years ago
    What error do you get?
    
    You could also try getting the cookie via http.request.cookies:
    <#assign has_sso_cookie = http.request.cookies.name.get("mainsiteSSO") /> <#if user.anonymous && has_sso_cookie?? > ${http.response.setRedirectUrl(webUi.getUserLoginPageUrl)} </#if>

Forum Discussion

Page Initialisation - Cookie Detection

Related Content

Re: Lithium Cookies Datasheet

Detect changes in the tinyMCE ActiveEditor

Default Cookie-based SSO Timeout

Browser/Device detection with Freemarker

view mode detection, desktop or mobile

Recent Discussions

API v1 docs gone since Atlas migration to Aurora

Does anyone know how to change the display title of Custom Fields in Aurora?

Can someone walk me through authenticating and using Postman with Aurora?

Seeking Advice on Restricting Access to a posts to those who have the permalink.

TinyMceEditor is undefined