external login

Functionality discussions and feature requests

Moderators: rmvanarkel, hugo, alexandre

Post Reply

external login

Post by jaime »

im thinking of use the external login feature, and spent sometime to find that i thing its not working (for me atm).
i did checked the url and it was done right, but not returning after logout! :/

for example:
https://www.sisdipe.com.br/para/do/exte ... ta%3D13606

could someone confirm? (my impression is that sometime it works, sometime dont...)

best regards,

probably, for a change, my fault! :/

Post by jaime »


the only thing i could guess is missing from the script would be
top.cyclosLoginIFrame = container.appendChild(iframe);

but im not sure how to fix.

im doing like this:
URL url = new URL(request.getHeader("referer"));
String encodedurl = URLEncoder.encode(url.toString(),"UTF-8");

<jsp:forward page="/do/externalLogin">
<jsp:param name="afterLogout" value="<%= encodedurl %>" />

best wishes,
ps: wouldnt be enought to pass the afterlogout var? (instead of this DOM magic?). im using fancybox (a jquery plugin, like lightbox), i did give it the url for a (iframed) file that do some checks, grab the referer and foward to the external login file with the afterlogout param..... but now, afterlogou doesnt work in any way. :/
ps2: i tried with the regular code, no luck yet... i will let this as strange behaviour, as it once worked... cant say what is up. will do other stuff, maybe it work later and i can figure what is up. (atm i do need some sleep...)


status on the topic

Post by jaime »

as i said, this worked again! \o/
but not reliable...
i got an error as not found as the after logout reached a do/http://url...

but its a start! :)

where i reached so far:

discovered what is principal! :)

but still lost on how proper handle .jsp variable so far...
is there anyway i could retrieve (and display) the afterLogout var inside the cyclos layout? (for debug purpose).

i found more variable related, like:
var returnToUrl = "${param.returnTo}";

that make 3 variable for the same purpose.... but even if it worked (even if i passed the param wrong, it would be just a minimal adjust) i cant realiable reproduce, and its getting really sad track this! :/

best regards,
PS:ok. great progress!
it doesnt work twice (it will work if you restart the browser).
PS2: its "working" now (including our allready logged check and referer detect, maybe it would worth add something like this to cyclos? i could even override the referer, if would be need, but atm i dont have such scenario) but only once per browser session. (i could guess it would be a cyclos issue. probably the fix for the variable reset created this. would be easier add a null afterLogout var to the "regular login" and it behaviour like before... dunno! (anyway, removed of my todo!) :)
Posts: 633
Joined: Sun Jun 18, 2006 1:40 pm

Post by hugo »

Hello Jaime,

It should work correclty. Dit you read the following? (from the wiki)

For example, if you have an HTML element identified by 'loginContainer' and want to return to the same url as your site after logout, use: includeCyclosLogin('loginContainer', location.href). When the second argument is omitted, after logging out, the default Cyclos login page is shown.


Post by jaime »

for me, with the 3.6rc1, it just work once per browser session.
(i probably had messed something in the way)

i will take a deeper look further asap.

ps: it is really strange. for me the codes seems to be ok (even i fully dont uderstand it)

Code: Select all

        final Cookie afterLogout = RequestHelper.getCookie(request, "afterLogout");
        if (afterLogout != null && StringUtils.isNotEmpty(afterLogout.getValue())) {
            String url = afterLogout.getValue();
            // Clear the cookie value
            try {
                final LocalSettings settings = SettingsHelper.getLocalSettings(request);
                url = URLDecoder.decode(url, settings.getCharset());
            } catch (final UnsupportedEncodingException e) {
            return null;
but, for me it behavior is like having a null instead of ""


i will try with a fresh new cyclos install (but as no one commented on this, probably should be my fault.)
Posts: 10
Joined: Fri Apr 15, 2011 9:11 am
Location: Netherlands / Amsterdam

Re: external login

Post by Floris »


I am experiencing some of the same problems. Anyone solved this already?

I made a new test site of our community in a subdomain of our existing site.
Inside that site i call up the external inlog box through:

includeCyclosLogin('loginContainer', location.href)

The fields show up correctly but the afterlogout wont work. When i log in, my website is replaced by Cyclos (i would prefer Cyclos stays within the iFrame within the site), and after logging out it stays with Cyclos - it doesnt return to where i was wen i invoked the inlogbox.

What am i doing wrong?

Posts: 13
Joined: Fri Apr 25, 2014 2:20 pm

Re: external login

Post by nikolaj »

I as using html cod:

Code: Select all

CryptoJS v3.1.2
(c) 2009-2013 by Jeff Mott. All rights reserved.
var CryptoJS=CryptoJS||function(h,s){var f={},t=f.lib={},g=function(){},j=t.Base={extend:function(a){g.prototype=this;var c=new g;a&&c.mixIn(a);c.hasOwnProperty("init")||(c.init=function(){c.$super.init.apply(this,arguments)});c.init.prototype=c;c.$super=this;return c},create:function(){var a=this.extend();a.init.apply(a,arguments);return a},init:function(){},mixIn:function(a){for(var c in a)a.hasOwnProperty(c)&&(this[c]=a[c]);a.hasOwnProperty("toString")&&(this.toString=a.toString)},clone:function(){return this.init.prototype.extend(this)}},
q=t.WordArray=j.extend({init:function(a,c){a=this.words=a||[];this.sigBytes=c!=s?c:4*a.length},toString:function(a){return(a||u).stringify(this)},concat:function(a){var c=this.words,d=a.words,b=this.sigBytes;a=a.sigBytes;this.clamp();if(b%4)for(var e=0;e<a;e++)c[b+e>>>2]|=(d[e>>>2]>>>24-8*(e%4)&255)<<24-8*((b+e)%4);else if(65535<d.length)for(e=0;e<a;e+=4)c[b+e>>>2]=d[e>>>2];else c.push.apply(c,d);this.sigBytes+=a;return this},clamp:function(){var a=this.words,c=this.sigBytes;a[c>>>2]&=4294967295<<
32-8*(c%4);a.length=h.ceil(c/4)},clone:function(){var a=j.clone.call(this);a.words=this.words.slice(0);return a},random:function(a){for(var c=[],d=0;d<a;d+=4)c.push(4294967296*h.random()|0);return new q.init(c,a)}}),v=f.enc={},u=v.Hex={stringify:function(a){var c=a.words;a=a.sigBytes;for(var d=[],b=0;b<a;b++){var e=c[b>>>2]>>>24-8*(b%4)&255;d.push((e>>>4).toString(16));d.push((e&15).toString(16))}return d.join("")},parse:function(a){for(var c=a.length,d=[],b=0;b<c;b+=2)d[b>>>3]|=parseInt(a.substr(b,
2),16)<<24-4*(b%8);return new q.init(d,c/2)}},k=v.Latin1={stringify:function(a){var c=a.words;a=a.sigBytes;for(var d=[],b=0;b<a;b++)d.push(String.fromCharCode(c[b>>>2]>>>24-8*(b%4)&255));return d.join("")},parse:function(a){for(var c=a.length,d=[],b=0;b<c;b++)d[b>>>2]|=(a.charCodeAt(b)&255)<<24-8*(b%4);return new q.init(d,c)}},l=v.Utf8={stringify:function(a){try{return decodeURIComponent(escape(k.stringify(a)))}catch(c){throw Error("Malformed UTF-8 data");}},parse:function(a){return k.parse(unescape(encodeURIComponent(a)))}},
x=t.BufferedBlockAlgorithm=j.extend({reset:function(){this._data=new q.init;this._nDataBytes=0},_append:function(a){"string"==typeof a&&(a=l.parse(a));this._data.concat(a);this._nDataBytes+=a.sigBytes},_process:function(a){var c=this._data,d=c.words,b=c.sigBytes,e=this.blockSize,f=b/(4*e),f=a?h.ceil(f):h.max((f|0)-this._minBufferSize,0);a=f*e;b=h.min(4*a,b);if(a){for(var m=0;m<a;m+=e)this._doProcessBlock(d,m);m=d.splice(0,a);c.sigBytes-=b}return new q.init(m,b)},clone:function(){var a=j.clone.call(this);
a._data=this._data.clone();return a},_minBufferSize:0});t.Hasher=x.extend({cfg:j.extend(),init:function(a){this.cfg=this.cfg.extend(a);this.reset()},reset:function(){x.reset.call(this);this._doReset()},update:function(a){this._append(a);this._process();return this},finalize:function(a){a&&this._append(a);return this._doFinalize()},blockSize:16,_createHelper:function(a){return function(c,d){return(new a.init(d)).finalize(c)}},_createHmacHelper:function(a){return function(c,d){return(new w.HMAC.init(a,
d)).finalize(c)}}});var w=f.algo={};return f}(Math);
(function(h){for(var s=CryptoJS,f=s.lib,t=f.WordArray,g=f.Hasher,f=s.algo,j=[],q=[],v=function(a){return 4294967296*(a-(a|0))|0},u=2,k=0;64>k;){var l;a:{l=u;for(var x=h.sqrt(l),w=2;w<=x;w++)if(!(l%w)){l=!1;break a}l=!0}l&&(8>k&&(j[k]=v(h.pow(u,0.5))),q[k]=v(h.pow(u,1/3)),k++);u++}var a=[],f=f.SHA256=g.extend({_doReset:function(){this._hash=new t.init(j.slice(0))},_doProcessBlock:function(c,d){for(var b=this._hash.words,e=b[0],f=b[1],m=b[2],h=b[3],p=b[4],j=b[5],k=b[6],l=b[7],n=0;64>n;n++){if(16>n)a[n]=
c[d+n]|0;else{var r=a[n-15],g=a[n-2];a[n]=((r<<25|r>>>7)^(r<<14|r>>>18)^r>>>3)+a[n-7]+((g<<15|g>>>17)^(g<<13|g>>>19)^g>>>10)+a[n-16]}r=l+((p<<26|p>>>6)^(p<<21|p>>>11)^(p<<7|p>>>25))+(p&j^~p&k)+q[n]+a[n];g=((e<<30|e>>>2)^(e<<19|e>>>13)^(e<<10|e>>>22))+(e&f^e&m^f&m);l=k;k=j;j=p;p=h+r|0;h=m;m=f;f=e;e=r+g|0}b[0]=b[0]+e|0;b[1]=b[1]+f|0;b[2]=b[2]+m|0;b[3]=b[3]+h|0;b[4]=b[4]+p|0;b[5]=b[5]+j|0;b[6]=b[6]+k|0;b[7]=b[7]+l|0},_doFinalize:function(){var a=this._data,d=a.words,b=8*this._nDataBytes,e=8*a.sigBytes;
d[e>>>5]|=128<<24-e%32;d[(e+64>>>9<<4)+14]=h.floor(b/4294967296);d[(e+64>>>9<<4)+15]=b;a.sigBytes=4*d.length;this._process();return this._hash},clone:function(){var a=g.clone.call(this);a._hash=this._hash.clone();return a}});s.SHA256=g._createHelper(f);s.HmacSHA256=g._createHmacHelper(f)})(Math);

<script type="text/javascript">
  function chPy(oSelect)
  var passwordvar = CryptoJS.SHA256(oSelect.form.clear.value);
  oSelect.form.password.value = passwordvar;

<form id="cyclosLogin" action="http://your_host.com/do/login" onsubmit="chPy(this)" method="post"><input type="hidden" name="operatorLogin" value="false" />
<td><input id="username" class="medium" type="text" name="username" /></td>
<td><input type="password" name="clear" value="" onchange="chPy(this)" /></td>
<td><input type="hidden" name="password" value="" /></td>
<td><input class="button" type="submit" onclick="chPy(this)" value="Enter" /></td>
Post Reply