I want to use the CAS ReST API in a way that supports SSO.
The setup we have is not ideal, but I want to try to support it as is for the
moment.
Our scenario is as follows:
1. Client1 makes an authz call (including username/password credentials) to
Webapp, which makes an auth ReST call to CAS
(http://localhost:9010/cas/v1/tickets), acquiring the TGT.
2. I'd like Client1 to pass the TGT to Client2 so it can ...
3. Client2 makes ReST calls to the WebApp (for whatever it needs), passing the
TGT. Internally, Webapp will use that to authenticate Client2 with CAS.
+---+
|CAS|
+---+------+------+
|WebApp|
'------+
1 Auth/ \3 Auth
/ \w/TGT
/ -> \
+-------+ 2 Pass TGT +-------+
|Client1|------------|Client2|
+-------+ +-------+
I'm really pretty confused about CAS, so likely, I'm going about this all
wrong. Please advise. :)
(Tho, I'm limited by the public API in use by the WebApp clients.)
Eric Turley | Sr. Platform Engineer | UTV Ignition Games
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
