1 <?xml version="1.0" encoding="UTF-8"?>
2 <flow xmlns="http://www.springframework.org/schema/webflow"
3 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4 xsi:schemaLocation="http://www.springframework.org/schema/webflow
5 http://www.springframework.org/schema/webflow/spring-webflow-2.0.xsd">
7 <var name="credentials" class="org.jasig.cas.authentication.principal.UsernamePasswordCredentials" />
9 <evaluate expression="initialFlowSetupAction" />
13 | The first state defined becomes the flow's starting point.
14 | http://static.springsource.org/spring-webflow/docs/2.0.x/reference/htmlsingle/spring-webflow-reference.html
16 <decision-state id="ticketGrantingTicketExistsCheck">
17 <if test="flowScope.ticketGrantingTicketId neq null" then="hasServiceCheck" else="gatewayRequestCheck" />
20 <decision-state id="gatewayRequestCheck">
21 <if test="externalContext.requestParameterMap['gateway'] neq '' && externalContext.requestParameterMap['gateway'] neq null && flowScope.service neq null" then="gatewayServicesManagementCheck" else="generateLoginTicket" />
24 <decision-state id="hasServiceCheck">
25 <if test="flowScope.service != null" then="renewRequestCheck" else="viewGenericLoginSuccess" />
28 <decision-state id="renewRequestCheck">
29 <if test="externalContext.requestParameterMap['renew'] neq '' && externalContext.requestParameterMap['renew'] neq null" then="isFederatedIdentity" else="generateServiceTicket" />
33 The "warn" action makes the determination of whether to redirect directly to the requested
34 service or display the "confirmation" page to go back to the server.
36 <decision-state id="warn">
37 <if test="flowScope.warnCookieValue" then="showWarningView" else="redirect" />
40 <action-state id="redirectPostAuthentication">
41 <evaluate expression="redirectionPostAuthentificationAction" />
42 <transition on="success" to="warn" />
43 <transition on="first" to="premiereConnexion" />
44 <transition on="renew" to="mdpRenouvellement" />
45 <transition on="deleting" to="viewSuppressionEnCoursForm" />
46 <transition on="convention" to="viewCharteForm">
47 <evaluate expression="charteForm" result="viewScope.charteForm" />
50 <!-- redirection de federation d'identites -->
51 <transition on="register" to="inscription" />
54 <view-state id="viewSuppressionEnCoursForm" view="casSuppressionEnCoursView">
55 <transition on="continue" to="redirectPostAuthentication" />
58 <view-state id="viewCharteForm" view="casCharteView" model="charteForm">
60 <binding property="charte" required="true" />
62 <transition on="submit" to="actionCharteForm" />
65 <action-state id="actionCharteForm">
66 <evaluate expression="charteFormAction.submit(flowRequestContext)" />
67 <transition on="success" to="redirectPostAuthentication" />
68 <transition on="error" to="viewCharteForm" />
72 <action-state id="startAuthenticate">
73 <action bean="x509Check" />
74 <transition on="success" to="sendTicketGrantingTicket" />
75 <transition on="warn" to="warn" />
76 <transition on="error" to="generateLoginTicket" />
80 <action-state id="isFederatedIdentity">
81 <evaluate expression="isFederatedIdentityAction" />
82 <transition on="yes" to="validateVector" />
83 <transition on="no" to="generateLoginTicket" />
86 <action-state id="validateVector">
87 <evaluate expression="authenticationViaFederatedIdentityAction.validateVector(flowRequestContext, messageContext, flowScope.credentials)" />
88 <transition on="profile" to="viewAdminSelectProfileForm">
89 <evaluate expression="adminSelectProfileForm" result="viewScope.adminSelectProfileForm" />
91 <transition on="deploy" to="deploiementFederationId" />
92 <transition on="success" to="sendTicketGrantingTicket" />
93 <transition on="no" to="viewLoginForm" />
94 <transition on="error" to="viewLoginForm" />
97 <view-state id="viewAdminSelectProfileForm" view="casAdminSelectProfileView" model="adminSelectProfileForm">
98 <transition on="yes" to="actionAdminSelectProfileForm" />
99 <transition on="no" to="actionAdminSelectProfileForm" />
102 <action-state id="actionAdminSelectProfileForm">
103 <evaluate expression="adminSelectProfileFormAction.submit(flowRequestContext, adminSelectProfileForm, messageContext)" />
104 <transition on="success" to="sendTicketGrantingTicket" />
105 <transition on="error" to="viewAdminSelectProfileForm" />
108 <action-state id="generateLoginTicket">
109 <evaluate expression="generateLoginTicketAction.generate(flowRequestContext)" />
110 <transition on="success" to="viewLoginForm" />
113 <view-state id="viewLoginForm" view="casLoginView" model="credentials">
115 <binding property="username" />
116 <binding property="password" />
119 <set name="viewScope.commandName" value="'credentials'" />
121 <transition on="submit" bind="true" validate="true" to="isCorrespondantDeploiement">
122 <evaluate expression="authenticationViaFormAction.doBind(flowRequestContext, flowScope.credentials)" />
124 <transition on="password" bind="false" validate="false" to="mdpOubli" />
125 <transition on="register" bind="false" validate="false" to="inscription" />
128 <action-state id="isCorrespondantDeploiement">
129 <evaluate expression="isCorrespondantDeploiementAction.submit(flowRequestContext, flowScope.credentials)" />
130 <transition on="yes" to="deploiement" />
131 <transition on="no" to="realSubmit" />
134 <action-state id="realSubmit">
135 <evaluate expression="authenticationViaFormAction.submit(flowRequestContext, flowScope.credentials, messageContext)" />
136 <transition on="warn" to="warn" />
138 HVLE : faut il mettre cette transition en place comme fait dans l'ancien workflow ?
139 <transition on="warn" to="redirectPostAuthentication" />
141 <transition on="success" to="sendTicketGrantingTicket" />
142 <transition on="error" to="generateLoginTicket" />
145 <action-state id="sendTicketGrantingTicket">
146 <evaluate expression="sendTicketGrantingTicketAction" />
147 <transition to="serviceCheck" />
150 <decision-state id="serviceCheck">
151 <if test="flowScope.service neq null" then="generateServiceTicket" else="viewGenericLoginSuccess" />
154 <action-state id="generateServiceTicket">
155 <evaluate expression="generateServiceTicketAction" />
156 <transition on="success" to="redirectPostAuthentication" />
157 <transition on="error" to="generateLoginTicket" />
158 <transition on="gateway" to="gatewayServicesManagementCheck" />
161 <action-state id="gatewayServicesManagementCheck">
162 <evaluate expression="gatewayServicesManagementCheck" />
163 <transition on="success" to="redirect" />
166 <action-state id="redirect">
167 <evaluate expression="flowScope.service.getResponse(requestScope.serviceTicketId)" result-type="org.jasig.cas.authentication.principal.Response" result="requestScope.response" />
168 <transition to="postRedirectDecision" />
171 <decision-state id="postRedirectDecision">
172 <if test="requestScope.response.responseType.name() eq 'POST'" then="postView" else="redirectView" />
175 <!-- subflow mot de passe oublie -->
176 <subflow-state id="mdpOubli" subflow="mdpOubli">
177 <transition on="redirect" to="viewLoginForm" />
180 <!-- subflow mot de passe renouvellement -->
181 <subflow-state id="mdpRenouvellement" subflow="mdpRenouvellement">
182 <input name="service" value="flowScope.service" />
183 <transition on="success" to="warn" />
186 <!-- subflow premiere connexion -->
187 <subflow-state id="premiereConnexion" subflow="premiereConnexion">
188 <input name="service" value="flowScope.service" />
189 <transition on="redirect" to="warn" />
192 <!-- subflow correspondant deploiement - selection etablissement de connexion -->
193 <subflow-state id="deploiement" subflow="deploiement">
194 <input name="loginTicket" value="requestScope.loginTicket" />
195 <input name="credentials" value="flowScope.credentials" />
196 <transition on="redirect" to="realSubmit" />
199 <!-- subflow correspondant deploiement - federation d'identites - selection etablissement de connexion -->
200 <subflow-state id="deploiementFederationId" subflow="deploiementFederationId">
201 <input name="credentials" value="flowScope.credentials" />
202 <transition on="redirect" to="sendTicketGrantingTicket" />
205 <!-- subflow parent premiere connexion - inscription et action lien eleve -->
206 <subflow-state id="inscription" subflow="inscription">
207 <transition on="redirect" to="viewLoginForm" />
211 the "viewGenericLogin" is the end state for when a user attempts to login without coming directly from a service.
212 They have only initialized their single-sign on session.
214 <end-state id="viewGenericLoginSuccess" view="casLoginGenericSuccessView" />
217 The "showWarningView" end state is the end state for when the user has requested privacy settings (to be "warned") to be turned on. It delegates to a
218 view defines in default_views.properties that display the "Please click here to go to the service." message.
220 <end-state id="showWarningView" view="casLoginConfirmView" />
222 <end-state id="postView" view="postResponseView">
224 <set name="requestScope.parameters" value="requestScope.response.attributes" />
225 <set name="requestScope.originalUrl" value="flowScope.service.id" />
230 The "redirect" end state allows CAS to properly end the workflow while still redirecting
231 the user back to the service required.
233 <end-state id="redirectView" view="externalRedirect:${requestScope.response.url}" />
235 <end-state id="viewServiceErrorView" view="viewServiceErrorView" />
237 <end-state id="viewServiceSsoErrorView" view="viewServiceSsoErrorView" />
240 <transition to="viewServiceErrorView" on-exception="org.springframework.webflow.execution.repository.NoSuchFlowExecutionException" />
241 <transition to="viewServiceSsoErrorView" on-exception="org.jasig.cas.services.UnauthorizedSsoServiceException" />
242 <transition to="viewServiceErrorView" on-exception="org.jasig.cas.services.UnauthorizedServiceException" />
243 </global-transitions>
245 <bean-import resource="login-webflow-beans.xml" />
projects / openent / openent-dev-logica.git / blob