应用截图
详细介绍
Re-authenticate with AWS federated ADFS (SAML) credentials when they expire.
>>> UPDATE v1.0.12
- Detect console page as success after posting for reauth, to support Shibboleth (thanks walterking)
- minor improvements
>>> UPDATE v1.0.10
- fixed a stupid bug from previous update which broke re-auth. Sorry.
>>> UPDATE v1.0.9
- fixed bug for authentication with no existing role/credentials
- added an option to not show notification popup
- published to Github (https://github.com/gitlon/CASTER)
>>> WHY
AWS ADFS Federation (SAML) tokens have a maximum expiry of 1 hour.
Until Amazon change this limit, you are forced to re-login every 1 hour to use ADFS credentials for the AWS console and/or APIs. This is annoying.
This CASTER extension automates the re-login, as well as providing an indication of the time remaining until the current AWS credentials expire.
>>> HOW
- look at cookies from the AWS Console websites
- parse out the current user, role and expiry time
- when nearly expired, try to post to the specified ADFS URL to regenerate a SAML token
- then post again, to the common AWS SAML login page, to select the current AWS role
- if successful, the result is another credentialled-login for another 1 hour.
This only works if your credentials are saved - ie that you can navigate to your ADFS page and not be prompted for username and password after the first login.
>>> YOU (THE USER) MUST DO THIS
You MUST enter *your own* organisation's ADFS url, including the AWS role-provider. Eg:
- https://YOURADFS.com/adfs/ls/idpinitiatedsignon?loginToRp=urn:amazon:webservices/
You should also review the default options.
>>> OPTIONS
- Attempt re-authentication as the current user/role?
- Show a Chrome notification before credentials are nearly expired?
- The URL for your organisation's ADFS endpoint
- When (minutes before) to change the icon time text to yellow
- When to change the icon time text to red
- When to show the Chrome notification
- When to attempt to re-authent
>>> UPDATE v1.0.12
- Detect console page as success after posting for reauth, to support Shibboleth (thanks walterking)
- minor improvements
>>> UPDATE v1.0.10
- fixed a stupid bug from previous update which broke re-auth. Sorry.
>>> UPDATE v1.0.9
- fixed bug for authentication with no existing role/credentials
- added an option to not show notification popup
- published to Github (https://github.com/gitlon/CASTER)
>>> WHY
AWS ADFS Federation (SAML) tokens have a maximum expiry of 1 hour.
Until Amazon change this limit, you are forced to re-login every 1 hour to use ADFS credentials for the AWS console and/or APIs. This is annoying.
This CASTER extension automates the re-login, as well as providing an indication of the time remaining until the current AWS credentials expire.
>>> HOW
- look at cookies from the AWS Console websites
- parse out the current user, role and expiry time
- when nearly expired, try to post to the specified ADFS URL to regenerate a SAML token
- then post again, to the common AWS SAML login page, to select the current AWS role
- if successful, the result is another credentialled-login for another 1 hour.
This only works if your credentials are saved - ie that you can navigate to your ADFS page and not be prompted for username and password after the first login.
>>> YOU (THE USER) MUST DO THIS
You MUST enter *your own* organisation's ADFS url, including the AWS role-provider. Eg:
- https://YOURADFS.com/adfs/ls/idpinitiatedsignon?loginToRp=urn:amazon:webservices/
You should also review the default options.
>>> OPTIONS
- Attempt re-authentication as the current user/role?
- Show a Chrome notification before credentials are nearly expired?
- The URL for your organisation's ADFS endpoint
- When (minutes before) to change the icon time text to yellow
- When to change the icon time text to red
- When to show the Chrome notification
- When to attempt to re-authent
