OK, so what is a good practice with microservice and cas authentication.and authorization?
regards Giuseppe Il giorno martedì 4 dicembre 2018 13:40:59 UTC+1, Misagh Moayyed ha scritto: > > It shouldn't have to be registered, and no it's not considered "correct > practice" to share in most cases. > > On Thursday, November 29, 2018 at 2:26:10 AM UTC-7, Giuseppe Infurna wrote: >> >> Hi, >> I have a web application connected with Cas 5.3.5 and it works. >> After logging into Cas, I return to my application with >> redirect=true&ticket=eiyece ............. in url address >> Web application validates the jwt and creates a session cookie as >> explained here. >> >> https://apereo.github.io/cas/5.3.x/installation/Configure-ServiceTicket-JWT.html >> >> >> Now, from my application I want to invoke remote microservices on a my >> third app passing the jwt (ticket) that cas had provided me. >> This remote app valid the jwt and ok, but it should be registered on >> cas? is it a correct practice? >> >> Regards >> Giuseppe >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/4213cb61-1ca7-4f1b-8d9a-d4621025d866%40apereo.org.
