Oh! I know! https://apereo.github.io/cas/6.0.x/installation/Surrogate-Authentication.html#preselected
It is done simply by +user in REST authentication request, right? Genial! Petr On Wednesday, August 28, 2019 at 9:42:17 AM UTC+2, Petr Gašparík - AMI Praha a.s. wrote: > > Hi Misagh, > that's what I don't know for sure. > > Can be REST used for issuing TGT for different user than authenticated > one? Like "sudo make TGT for userX" ? > I studied wiki, I think sudoer needs to know user's password. > > -- > > s pozdravem > > *Petr Gašparík* > solution architect > > gsm: [+420] 603 523 860 > e‑mail: petr.gaspa...@ami.cz > > *AMI Praha a.s.* > Pláničkova 11, 162 00 Praha 6 > > tel.: [+420] 274 783 239 | web: www.ami.cz > > [image: AMI Praha a.s.] > > Textem tohoto e‑mailu podepisující neslibuje uzavřít ani neuzavírá > za společnost AMI Praha a.s. > jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít výhradně > písemnou formu. > > Tento e‑mail je určen výhradně pro potřeby jeho adresáta/ů a může > obsahovat důvěrné nebo osobní > informace. Nejste‑li zamýšleným příjemcem, je zakázáno jakékoliv > zveřejňování, zprostředkování > nebo jiné použití těchto informací. Pokud jste obdrželi e‑mail > neoprávněně, informujte o tom prosím > odesílatele a vymažte neprodleně všechny kopie tohoto e‑mailu včetně > všech jeho příloh. Nakládáním > s neoprávněně získanými informacemi se vystavujete riziku právního postihu. > > > út 27. 8. 2019 v 21:45 odesílatel Misagh <misagh.moay...@gmail.com> > napsal: > >> Wouldn't step 1 and 2 also be handled using the rest protocol? >> >> On Tue, Aug 27, 2019, 6:48 PM Petr Gašparík - AMI Praha a.s. < >> petr.gaspa...@ami.cz> wrote: >> >>> Hi, >>> in my proof of concept, I want piece of code (program library) to *log >>> in user to CASified application without user's password.* >>> >>> That could be done in this way: >>> >>> 1. library authenticates to CAS with its login/password >>> - CAS responds with OK/fail >>> 2. library requests to generate TGT for specified user >>> - CAS responds with TGT >>> 3. library requests ST via TGT >>> - CAS responds with ST >>> 4. library forms URL for CASified application with ST >>> 5. user is logged in to CASified application >>> >>> I know steps 3-5 are doable through REST + CAS protocol. >>> >>> *What about step 2, how to do that*? Can I for example use suggoration >>> for that? >>> >>> (CASified application means application that use CAS client to get >>> authenticated users from CAS) >>> >>> best regards >>> >>> *Petr Gašparík* >>> >>> -- >>> - Website: https://apereo.github.io/cas >>> - Gitter Chatroom: https://gitter.im/apereo/cas >>> - List Guidelines: https://goo.gl/1VRrw7 >>> - Contributions: https://goo.gl/mh7qDG >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to cas-user+unsubscr...@apereo.org. >>> To view this discussion on the web visit >>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CABAspd0yUWw42pPzBTgErQkTyoV_u1tszcjg5M7oNwRsM%3D_6Vg%40mail.gmail.com >>> >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CABAspd0yUWw42pPzBTgErQkTyoV_u1tszcjg5M7oNwRsM%3D_6Vg%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to cas-user+unsubscr...@apereo.org. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGSBKkcBb3d0m%3D_oUe-M1PZdUeoEp0%3DUYfZP6o%3DD4%2BbTHL4gHg%40mail.gmail.com >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGSBKkcBb3d0m%3D_oUe-M1PZdUeoEp0%3DUYfZP6o%3DD4%2BbTHL4gHg%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/6b753544-052f-4bdc-908c-23da8d59a9a4%40apereo.org.
