Hi Misagh,
that's what I don't know for sure.

Can be REST used for issuing TGT for different user than authenticated one?
Like "sudo make TGT for userX" ?
I studied wiki, I think sudoer needs to know user's password.

--

s pozdravem

*Petr Gašparík*
solution architect

gsm: [+420] 603 523 860
e‑mail: petr.gaspa...@ami.cz

*AMI Praha a.s.*
Pláničkova 11, 162 00 Praha 6

tel.: [+420] 274 783 239 | web: www.ami.cz

[image: AMI Praha a.s.]

Textem tohoto e‑mailu podepisující neslibuje uzavřít ani neuzavírá
za společnost AMI Praha a.s.
jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít výhradně
písemnou formu.

Tento e‑mail je určen výhradně pro potřeby jeho adresáta/ů a může obsahovat
důvěrné nebo osobní
informace. Nejste‑li zamýšleným příjemcem, je zakázáno jakékoliv
zveřejňování, zprostředkování
nebo jiné použití těchto informací. Pokud jste obdrželi e‑mail neoprávněně,
informujte o tom prosím
odesílatele a vymažte neprodleně všechny kopie tohoto e‑mailu včetně
všech jeho příloh. Nakládáním
s neoprávněně získanými informacemi se vystavujete riziku právního postihu.


út 27. 8. 2019 v 21:45 odesílatel Misagh <misagh.moay...@gmail.com> napsal:

> Wouldn't step 1 and 2 also be handled using the rest protocol?
>
> On Tue, Aug 27, 2019, 6:48 PM Petr Gašparík - AMI Praha a.s. <
> petr.gaspa...@ami.cz> wrote:
>
>> Hi,
>> in my proof of concept, I want piece of code (program library) to *log
>> in user to CASified application without user's password.*
>>
>> That could be done in this way:
>>
>>    1. library authenticates to CAS with its login/password
>>       - CAS responds with OK/fail
>>    2. library requests to generate TGT for specified user
>>       - CAS responds with TGT
>>    3. library requests ST via TGT
>>       - CAS responds with ST
>>    4. library forms URL for CASified application with ST
>>    5. user is logged in to CASified application
>>
>> I know steps 3-5 are doable through REST + CAS protocol.
>>
>> *What about step 2, how to do that*? Can I for example use suggoration
>> for that?
>>
>> (CASified application means application that use CAS client to get
>> authenticated users from CAS)
>>
>> best regards
>>
>> *Petr Gašparík*
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CABAspd0yUWw42pPzBTgErQkTyoV_u1tszcjg5M7oNwRsM%3D_6Vg%40mail.gmail.com
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CABAspd0yUWw42pPzBTgErQkTyoV_u1tszcjg5M7oNwRsM%3D_6Vg%40mail.gmail.com?utm_medium=email&utm_source=footer>
>> .
>>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGSBKkcBb3d0m%3D_oUe-M1PZdUeoEp0%3DUYfZP6o%3DD4%2BbTHL4gHg%40mail.gmail.com
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGSBKkcBb3d0m%3D_oUe-M1PZdUeoEp0%3DUYfZP6o%3DD4%2BbTHL4gHg%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CABAspd0ORjyfgpfPq1pWoL9JNbVXE%3Dt-a16JAvUfyPKxxfoUfQ%40mail.gmail.com.

Reply via email to