Re: [cas-user] Rest API Service Ticket Validation Issue

2016-06-20 Thread John Stevens II
So I enabled oauth support but it looks like the user will be required to login via the GUI. I do see in the development branch (CAS OAuth Dev Link ) for v5 that you can specify grant_type and use resource

Re: [cas-user] Rest API Service Ticket Validation Issue

2016-06-20 Thread John Stevens II
Thanks for the help Misagh, I'll try and implement the OAuth support. I appreciate the explanation, now it makes sense why I couldn't get things working the way I thought they should be. On Monday, June 20, 2016 at 10:55:33 AM UTC-4, Misagh Moayyed wrote: > > You’re thinking about this the right

Re: [cas-user] Rest API Service Ticket Validation Issue

2016-06-20 Thread John Stevens II
Thank you for the breaking ti down further, it makes sense now. On Monday, June 20, 2016 at 11:01:04 AM UTC-4, Dmitriy Kopylenko wrote: > > Just want to add on top what Misagh said - the REST support in CAS is very > limited to producing just TGTs and STs. IMHO, for service-to-service “non > hum

Re: [cas-user] Rest API Service Ticket Validation Issue

2016-06-20 Thread Dmitriy Kopylenko
Just want to add on top what Misagh said - the REST support in CAS is very limited to producing just TGTs and STs. IMHO, for service-to-service “non human interactive” authentication support (REST services for example) some protocol other than CAS protocol is more appropriate e.g. OAuth (as Misa

RE: [cas-user] Rest API Service Ticket Validation Issue

2016-06-20 Thread Misagh Moayyed
You’re thinking about this the right way; just not execution wise. You can have an ST be valid multiple times of course as this is controlled by its policy. However, what you’re really doing is treating an ST like an OAuth access token, which it isn’t….or it’s not meant to be. Your better option

Re: [cas-user] Rest API Service Ticket Validation Issue

2016-06-20 Thread John Stevens II
My thinking is if I have developers who build API's and want to integrate CAS (not for sso but for centralized authentication) then a user who wants to use the developers API would authenticate with CAS via the CAS Rest API, possibly request an ST then use that ST to access the developers API on

Re: [cas-user] Rest API Service Ticket Validation Issue

2016-06-20 Thread Misagh Moayyed
Why multiple times? What's the story there? --Misagh On Sun, Jun 19, 2016 at 2:29 PM, John Stevens II < jstevens...@gmail.com [jstevens...@gmail.com] > wrote: Well not necessarily a third application, all I really want to accomplish here is to be able to authenticate a user via CAS rest api (wh