If you really really want to do CAS protocol, and have access to the CAS
server, you can do something like:
SetEnvIf Origin "http://area51.univ-paris1.fr"; HTTP_ORIGIN=$0
Header set Access-Control-Allow-Origin "%{HTTP_ORIGIN}e" env=HTTP_ORIGIN
Header set Access-Control-Allow-Credentials true env=HTTP_ORIGIN
in CAS server.
This allows calling samlValidate in Ajax, for example
http://area51.univ-paris1.fr/prigaux/cas-implicit-grant-CORS.js
http://area51.univ-paris1.fr/prigaux/cas-implicit-grant-CORS.html
cu
On 13/12/2016 09:26, Iurii Sergiichuk wrote:
Hi, that was the point I was afraid of...
Maybe you can point me what exactly should I look for to use with our CAS ?
понедельник, 12 декабря 2016 г., 22:52:03 UTC+2 пользователь Pascal Rigaux
написал:
Hi, is your app really only static html & js?
If that's the case, you can't use CAS:
- you need some server side code to call serviceValidate
- mod-auth-cas can validate, check authorization, but it can't be used
as a web-service that will return user attributes. You still need some
apache SSI / CGI / PHP / servlet / ...
For static web apps, you need oauth2/oidc implicit flow!
cu
Iurii Sergiichuk <[email protected] <javascript:>> a écrit :
> Hi, I'd like to ask for some assistance on obtaining user information from
> our frontend (raw html and js), that is hosted with tomcat behind Apache
> proxy, using mod_auth_cas for handling CAS SSO authentication.
>
> I'm using CAS 4.2.4 and SSO do really work, but I cannot understand how
can
> I get any user-related information from frontend ? As far as I understood
> user information should be obtained from /cas/serviceValidate call, but
> while using Apache mod_auth_cas I do not actually see such calls, while
> after login I'm automatically redirected to Application page and if I'm
not
> authorized - I'd be redirected to /cas/login page.
>
> Could anyone help me and tell what exactly I missed? I can prepare our
> configurations upon request.
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
[email protected] <mailto:[email protected]>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/16cf8db7-0d25-40c4-bc78-d4dec75f4bac%40apereo.org
<https://groups.google.com/a/apereo.org/d/msgid/cas-user/16cf8db7-0d25-40c4-bc78-d4dec75f4bac%40apereo.org?utm_medium=email&utm_source=footer>.
--
Pascal Rigaux
Expert en développement et déploiement d'applications
DSIUN-SAS (service applications et services numériques)
Université Paris 1 Panthéon-Sorbonne - Centre Pierre Mendès France (PMF)
B 402 - 90, rue de Tolbiac - 75634 PARIS CEDEX 13 - FRANCE
Tél : 01 44 07 86 59
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/8e5f8fa9-8fd1-9539-645b-553a9b232a45%40univ-paris1.fr.
