Hello.
I have set the home page to “my_webapp”. But, still, when an unknown or unauthorized address is entered, the login page “yunohost/sso/” appears.
When not logged in, I’d like to display the login page only when the exact address of login page is entered and, otherwise, display the home page as the 404-error-page.
Is that possible ? The goal is to hide how to log in for people unaware of the exact address.
Thank you.
I guess you will be able to do that in the SSOwat persistent configuration.
The interesting directive for you is redirected_urls
Thank you Kload, I already “played” with /etc/ssowat/conf.json.persistent… I do not want to redirect a list of URLs, but all unauthorized or unknown addresses to a page.
Thus. I tried again. I tried to redirect the “yunohost/sso” page when it has parameters, this way:
"redirected_urls": {
"mydomain.fr/": "mydomain.fr/site/",
"mydomain.fr/yunohost/sso/?" : "mydomain.fr/site/"
}
But it does not work: only the home page is redirected to the site page. Notice the “?”. Of course, I do not want to redirect “mydomain.fr/yunohost/sso/” (without the “?”), cause I need it to log in.
Then you may want to try the redirected_regex directive 
Hello.
Tried this:
"redirected_regex": {
".*mydomain.fr/yunohost/sso/?.*": "mydomain.fr/site/"
},
I also tried without the .*.
It has no effect.
For example my idea is this:
https://mydomain.fr/mqsdh
https://mydomain.fr/yunohost/sso/?someb64chars
redirected_regex directive redirects to https://mydomain.fr/site/
https://mydomain.fr/site/ is displayedBut that’s in my dreams only 
You have to intercept the request before it reaches
https://mydomain.fr/yunohost/sso/?someb64chars. The YunoHost portal is
part of the SSO, so you cannot bypass it.
In your case, you want to redirect mydomain.fr/.* to
mydomain.fr/site/ (or something like that).
As said master Shadok: “Plus ça rate, plus ça a de chances de marcher”. So, new trial. And… Got this message in the browser: “Cette page Web présente une boucle de redirection.” A redirection loop… Of course. And anyway, I do not not want to redirect all pages to mydomain.fr/site/ , of course, but only unauthorized or unknown pages.
As said Master Yoda: “Try not. Do or do not. There is no try.”. So, a few greps later, I did the folling “quick’n dirty” replacement of the last line of /usr/share/ssowat/access.lua
Before:
return redirect(portal_url.."?r="..ngx.encode_base64(back_url))
After:
return redirect(conf["portal_scheme"].."://"..conf["portal_domain"])
It would be nicer to have it as an option in /etc/ssowat/conf.json.persistent but this far exceeds my lua skills. And whatever, this solution is working fine for me.
Well, this is dirty, but why not ^^
Could you open an issue so that I add a configuration option in the next release ?
https://github.com/Kloadut/SSOwat/issues/new
There you are: https://github.com/Kloadut/SSOwat/issues/26
Thanks Kload for your help and your job.
Xof.
This solution works well for me too. I do agree on having an option in the interface ! 
Cette solution fonctionne pour moi aussi. Je plussoie l’idée d’avoir une option dans l’interface d’administration.
Hi Kload;
i’d tried in different way to use the /etc/ssowat/conf.json.persistent
to modified portal_path, and redirected_regex
did something like that :
{
“portal_path”: “/yunohost/TEST/sso/”,
“redirected_regex”: {
“yhn.hopper.pw/yunohost/TEST/[\/]?$”: “https://yhn.hopper.pw/yunohost/TEST/sso/”
},
“redirected_urls”: {}
}
But everytime it reconfigured, exemple with yunohost app ssowatconf
the config ignore my variable
Could you give me an exemple please ?
@jodumont My /etc/ssowat/conf.json.persistent looks like this:
{
"skipped_urls": ["mytorrentwebsite.org/downloads"],
"redirected_urls": {
"http://mydomain.fr/yunohost/sso/": "https://mydomain.fr/yunohost/sso/"
}
}
@xof @maxime
Is there any update to this solution? It works still but ?someb64chars do not show up in the link on the login page. The link only shows https://mydomain.tld/yunohost/sso/ but prior to this solution it used to show https://mydomain.tld/yunohost/sso/?someb64chars. Is there a security risk in not having the ?someb64chars after the /yunohost/sso ?