@@ -291,6 +291,12 @@ def self.init_database!
291291
292292 # optional params
293293 @service = clean_service_url ( params [ 'service' ] )
294+ @from = clean_service_url ( params [ 'from' ] )
295+ @return_url = if @from . blank?
296+ @service
297+ else
298+ @service + @from
299+ end
294300 @renew = params [ 'renew' ]
295301 @gateway = params [ 'gateway' ] == 'true' || params [ 'gateway' ] == '1'
296302
@@ -321,7 +327,7 @@ def self.init_database!
321327 elsif tgt && !tgt_error
322328 $LOG. debug ( "Valid ticket granting ticket detected." )
323329 st = generate_service_ticket ( @service , tgt . username , tgt )
324- service_with_ticket = service_uri_with_ticket ( @service , st )
330+ service_with_ticket = service_uri_with_ticket ( @return_url , st )
325331 $LOG. info ( "User '#{ tgt . username } ' authenticated based on ticket granting cookie. Redirecting to service '#{ @service } '." )
326332 redirect service_with_ticket , 303 # response code 303 means "See Other" (see Appendix B in CAS Protocol spec)
327333 elsif @gateway
@@ -383,6 +389,12 @@ def self.init_database!
383389
384390 # 2.2.1 (optional)
385391 @service = clean_service_url ( params [ 'service' ] )
392+ @from = clean_service_url ( params [ 'from' ] )
393+ @return_url = if @from . blank?
394+ @service
395+ else
396+ @service + @from
397+ end
386398
387399 # 2.2.2 (required)
388400 @username = params [ 'username' ]
@@ -457,7 +469,7 @@ def self.init_database!
457469 @st = generate_service_ticket ( @service , @username , tgt )
458470
459471 begin
460- service_with_ticket = service_uri_with_ticket ( @service , @st )
472+ service_with_ticket = service_uri_with_ticket ( @return_url , @st )
461473
462474 $LOG. info ( "Redirecting authenticated user '#{ @username } ' at '#{ @st . client_hostname } ' to service '#{ @service } '" )
463475 redirect service_with_ticket , 303 # response code 303 means "See Other" (see Appendix B in CAS Protocol spec)
0 commit comments