Provide an ApplicationSubmissionsController#index fallback

[werebus]

Because of Shibboleth/HTTP reasons, a form submission doesn't survive the redirects that result if an applicant's session expires while they're filling out an application.

As a result, the POST request to /application_submissions gets turned into a GET request to the same and the user ends up with a 404 because that route doesn't exist.

While it turns out that it is possible to get Shibboleth to store and then recall certain form data, it's... pretty hard. At the very least, though we could provide a "we're sorry, you're too slow" page rather than the confusing 404.

[werebus]

You know.... maybe it's not that bad?

[werebus]

It was not, in fact, that bad. I added the configuration needed for Shibboleth to stash form submissions before sending the user off to auth, and then to re-POST that submission after they get back. In shibboleth2.xml:

<ApplicationOverride id="transit-jobapps.admin.umass.edu" 
                     entityID="https://transit-jobapps.admin.umass.edu/shibboleth" >

  <!-- Added this element here. Most of the attributes are copied from the <Sessions>
       in <ApplicationDefaults>, what was added were 'postData' and 'postTemplate' -->
  <Sessions lifetime="28800" timeout="21600" relayState="ss:mem"
            checkAddress="false" handlerSSL="true" cookieProps="https"
            postData="ss:mem" postTemplate="/etc/shibboleth/postTemplate.html" />
</ApplicationOverride>

Now, if their Shibboleth session goes bad mid application submission, their submission will still go through.

[werebus]

Had this happen again last week. The applicant loaded the application and then submitted it around three days later.

It appears as if the fix above isn't working anymore? This could be related to the Cirrus Bridge migration, I guess.