We have a concept called "Non Interactive Authentication" with some Web Flow components to support it. Examples include X.509 and SPNEGO. You could probably model something off those that would retrieve the token, and then create an authentication handler/principal resolver to actually construct the principal.
Cheers, Scott On Mon, Oct 8, 2012 at 5:38 PM, Hoa Lu <hoa...@gmail.com> wrote: > Hi, > > Newish to CAS. Our application uses CAS for login. We're trying to > integrate our app with a third party app. Users sign into the third party > app, and click on a link to access our app. We want to bypass the CAS > login page and programmatically log the user in and allow access to our app. > > The third party app will pass to us a session token which we validate > using their api, and retrive the user info, and then "log in" this user > into our application. We are already doing the session token validation in > a separate app, setting a "golden ticket" cookie, and forwarding to CAS. > How on CAS can I check for the existence of this "golden ticket" and > bypass login page and programmatically log this user in? > > > -- > You are currently subscribed to cas-dev@lists.jasig.org as: > scott.battag...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
