A more straight forward approach to achieve what I think you want to would be, e.g., sharing a session cookie and corresponding session data with the information you need between all services.
Theoretically, if you expose the CAS TGT to all hosts in the domain, I guess you could grab it and run a http client and the CAS protocol on app2 impersonating the user to authenticate to itself, but it strikes me as a rather horrible hack. /Fredrik Skickat från min iPhone 1 mars 2016 kl. 20:51 skrev Siim <[email protected]<mailto:[email protected]>>: Because all apps and cas is in same domain (subdomains), then it should be possible that app2 accesses CAS cookie. So I can do 2 queries from app2 back-end: 1) Query for ticket (in this query I will put CAS cookie to header) 2) Query auth data by ticket. Siim teisipäev, 1. märts 2016 21:33.40 UTC+2 kirjutas Fredrik Jönsson: You can't. You need the browser to drop by the cas server to get a service ticket for app2. /Fredrik -- Fredrik Jönsson, M.Sc. System Architect KTH/UF/ITA/Infosys E-mail: [email protected]<javascript:> Phone: +46 8 790 6603 1 mars 2016 kl. 20:14 skrev Siim <[email protected]<javascript:>>: Hello, I tried to google for it, but didn't find any solution. Consider following use case. I have 3 apps and 1 cas: 1) app1.example.com<http://app1.example.com> 2) app2.example.com<http://app2.example.com> 3) app3.example.com<http://app3.example.com> 4) cas.example.com<http://cas.example.com> So user firstly comes to app1.example.com<http://app1.example.com>, so he will be redirected to cas.example.com<http://cas.example.com> for authentication. Follows standard ticket generation and validation procedure. But question is following: now if user moves to app2, is it possible that app2 filter reads HTTP request and tries to find SSO cookie and tries to validate it directly on cas.example.com<http://cas.example.com>? What I want to achive, is that there is no need to redirect user browser to cas.example.com<http://cas.example.com>, but app2 will do that request itself. Is there such filter implemented in Java? Or should I implement such fitler by myself? I would be grateful for any assistance, Siim -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<javascript:>. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
