You might also find the white papers on the actual URL protocols useful, too.
http://www.jasig.org/cas/protocol On 6/15/09 10:10 AM, "Ram Mohan" <[email protected]> wrote: > Thanks Andrew, > I will go through them. > > -Ram > > On Mon, Jun 15, 2009 at 7:47 PM, Andrew Feller <[email protected]> wrote: >> Ram, >> >> Two things: >> >> 1. I think you should spend some time reading about the CAS architecture so >> you how it works. >> >> CAS 1 architecture: http://www.jasig.org/cas/cas1-architecture >> CAS 2 architecture: http://www.jasig.org/cas/cas2-architecture >> Proxy authentication: http://www.jasig.org/cas/proxy-authentication >> >> The TGT is some information granted by the CAS server and retained by the >> user as proof the user logged in. >> The ST is some information granted by the CAS server, passed along by the >> user, and verified by CAS client protecting application to ensure user logged >> in. >> >> 2. Check out the RESTful API >> >> RESTful API: http://www.ja-sig.org/wiki/display/CASUM/RESTful+API >> >> HTH, >> A- >> >> >> On 6/15/09 8:51 AM, "Ram Mohan" <[email protected] >> <http://[email protected]> > wrote: >> >>> Hi, >>> >>> I am a newbie to CAS and security. In my case, CAS Server 3.3.2 + Acegi CAS >>> Client is used for Authentication. >>> I took up a task of providing API for username/password authentication i.e, >>> MyClass.authenticate(Credentials credentials). >>> I think I dont even need to generate a Service Ticket. TGT cookie is >>> enough. >>> >>> For me, its simply looking like authentication without the login UI and >>> sending the credentials as parameters in the request. >>> am i going in the right direction? also, i think application of this sort >>> would already have been implemented as this is a common scenario. Any >>> pointers in this regard would be very helpful >>> >>> Thanks in advance, >>> Ram -- Andrew Feller, Analyst LSU University Information Services 200 Frey Computing Services Center Baton Rouge, LA 70803 Office: 225.578.3737 Fax: 225.578.6400 -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
