Hi Pascal, the reason why I need this is, that the REST API calls can also be performed only by an authorized user. This means that the AngularJS app must send some token alongside with the request to my REST API and the REST API must be able to validate that token.
So the main problem for me is not to login (this can be done with a redirect, or with posting the username/password, I do not really mind), but to validate the token in my REST API. Because I do not want to create another http request to the CAS server everytime the Angular app makes a request. Bye, Filip On Saturday, July 8, 2017 at 6:39:57 PM UTC+2, Pascal Rigaux wrote: > > Hi, > > Do you really need the handle username/password? Most CAS applications > avoid this since it breaks SSO. > > A simple solution for AngularJS application is to do as many other > apps: require a valid session an all html pages [*] > > Example : https://github.com/fedon/spring-cas-auth . > > SPA allows relogging without loosing "browser" activity (eg: textarea > content). Here is a tutorial application with phpCAS that shows > various ways to handle CAS relog in a SPA : > https://github.com/prigaux/angular-seed > > * forked from "angular-seed" (an old version) > added some php pages > kept index.html, but the app really is index.php > > * every commits shows a different functionality. To understand them, > start from the first one, then have a look at the more advanced > features: > - CAS example : minimal casification > - CAS example using http-auth-interceptor : same but using a module > intercepting every $http calls > - use ngRoute "resolve" : avoid displaying page "view1" until the user > is authenticated > - replace alert with modal window from angular UI Bootstrap : prepares > the next commit > - add transparent relog using jsonp + CAS gateway : if app session is > expired, try transparent login on CAS using JSONP > - add relog using window.open+postMessage : if transparent relog > failed, instead of restarting application, use window.open+postMessage > > * to make it work: > > git clone --depth 4 https://github.com/prigaux/angular-seed.git > angular-seed-phpCAS > cd angular-seed-phpCAS > bower install > > You need phpCAS : > https://wiki.jasig.org/display/CASC/phpCAS+installation+guide > > Happy CAS, > cu > > > [*] if your first page is static AND CAS protected, you must ensure it > is not browser cached > > > -- > Pascal Rigaux > > -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/8171cc08-2872-495d-b013-9948d008d1b1%40apereo.org.
