I am interested in developing a proof-of-concept based on the "PGT in Validation Response" feature documented here:
https://apereo.github.io/cas/5.3.x/installation/Configuring-Proxy-Authentication.html#pgt-in-validation-response We are running CAS 5.3.2 and have successfully used public/private keys in services for ClearPass, so we believe we understand the expected operation. I have successfully had a release of the PGTiou to a service using the traditional PGTurl feature, so I believe the basic proxy authorization is also functional for the service. I am trying to address a situation "such that invoking a callback url to receive the proxy granting ticket is not feasible, CAS may be configured to return the proxy-granting ticket id directly in the validation response". I am unclear how to trigger the release of the proxyGrantingTicketId in the validation response, though. The documentation only describes the need to set up the public key and ensure authorizedToReleaseProxyGrantingTicket is true for the service. There is no mention of how to elicit the release in the validation response rather than expecting the PGTurl. I had hoped the presence of authorizedToReleaseProxyGrantingTicket would trigger that behavior, but that does not appear to be the case. I have been unable to find any solution after hours of searching and testing. Any suggestions or clarification of the expected behavior would be welcome. Dirk Tepe Miami University -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/c5af2100-55a5-4b28-8698-83ec7f2f0eff%40apereo.org.
