Hi all,
I have opened a pull request for 3.5.2.1 branch has it is the version we are
working with right now :
https://github.com/Jasig/cas/pull/780
The feature should be easily adaptable to any other current branch.
The idea is the following :
- Application A is CASified (classic way with redirection to CAS server for
user authentication)
- Webservice W is CASified too (without any redirection, we get a 401 if not
authenticated)
- W is called from page of application A (front end workflow)
- We'd like to re-use the TGCookie that is set by CAS after authentication
- We don't wan't to manage credentials in Application A to send them to CAS
rest API to get the needed ST to call W.
- we're not talking about application A calling directly Webservice W, but web
service W begging call through fronted AJAX call from a user authenticated
with CAS.
=> the final idea is to have lot of micro-API like web service W, each of them
protected by CAS
So fee free to tell me if I'm going the wrong way with this matter =)
Thanks in advance
__
Romain-first-time-poster-on-this-list
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
