Short answer - it doesn't work that way.
Long answer - There is a CASTGC cookie created when a user logs into CAS
with SSO enabled. In order to validate the CASTGC cookie, your
applications would need to access the CAS session store, which could be a
database, memcache, ehcache, etc. The applications would also need to
understand exactly how the session store works. There is no endpoint or
API for an application to validate the CASTGC because applications are not
supposed to use the CASTGC (most of the time, they don't have access to
it).
I think you're looking for a common session between applications. That's
not the purpose of CAS (Central *Authentication* Service).
Andy
On Tue, 1 Mar 2016, Siim wrote:
Because all apps and cas is in same domain (subdomains), then it should be
possible that app2 accesses CAS cookie.
So I can do 2 queries from app2 back-end:
1) Query for ticket (in this query I will put CAS cookie to header)
2) Query auth data by ticket.
Siim
teisipäev, 1. märts 2016 21:33.40 UTC+2 kirjutas Fredrik Jönsson:
You can't. You need the browser to drop by the cas server to get a service
ticket for app2.
/Fredrik
--
Fredrik Jönsson, M.Sc.
System Architect
KTH/UF/ITA/Infosys
E-mail: [email protected] <javascript:>
Phone: +46 8 790 6603
1 mars 2016 kl. 20:14 skrev Siim <[email protected] <javascript:>>:
Hello,
I tried to google for it, but didn't find any solution.
Consider following use case.
I have 3 apps and 1 cas:
1) app1.example.com
2) app2.example.com
3) app3.example.com
4) cas.example.com
So user firstly comes to app1.example.com, so he will be redirected to
cas.example.com for authentication. Follows standard ticket generation
and validation procedure.
But question is following: now if user moves to app2, is it possible that
app2 filter reads HTTP request and tries to find SSO cookie and tries to
validate it directly on cas.example.com?
What I want to achive, is that there is no need to redirect user browser
to cas.example.com, but app2 will do that request itself.
Is there such filter implemented in Java? Or should I implement such
fitler by myself?
I would be grateful for any assistance,
Siim
--
You received this message because you are subscribed to the Google Groups
"CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to [email protected] <javascript:>.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/
.
--
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
