Yan, If xyzservice needs to know who the user is, then clearpass is an option, https://apereo.github.io/cas/4.2.x/integration/ClearPass.html.
Ray On 2016-10-20 09:28, Yan Zhou wrote: > > Hi > > > > We have CAS 4.1.x overlay. We have one webapp and one backend > services. Two different WAR files, both apps are casified. > > > > Webapp runs at localhost:8080/myapp, backend service runs at > localhost:8080/xyzservice (same domain). > > > > After user login successfully into /myapp, its AngularJS code makes > XhrRequest call, it does HTTP GET on > /localhost:8080/xyzservice/protected/simple.html > > > > I am getting CAS login page in javascript response code when > XhrRequest call is made. However, if I use browser and navigate to > /localhost:8080/xyzservice/protected/simple.html, that works fine. > > > > My guess is that > > > 1) in browser scenario, CAS tells browser to redirect to CAS login > page via 302. And, when browser GETs the CAS login page, it will send > the SSO TGT in the cookie. Everything else follows. > > > 2) in XhrRequest, CAS returns 200 with CAS login page. The XhrRequest > does not know how to process the HTML login page and it fails. > > > What do I need to do, so that when XhrRequest is made by a user that > is already authenticated, it will work just like browser scenario? > > > Thx! > > Yan > > -- > CAS gitter chatroom: https://gitter.im/apereo/cas > CAS mailing list guidelines: > https://apereo.github.io/cas/Mailing-Lists.html > CAS documentation website: https://apereo.github.io/cas > CAS project website: https://github.com/apereo/cas > --- > You received this message because you are subscribed to the Google > Groups "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to [email protected] > <mailto:[email protected]>. > To post to this group, send email to [email protected] > <mailto:[email protected]>. > Visit this group at > https://groups.google.com/a/apereo.org/group/cas-user/. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/0521f18c-058a-472e-8ea0-89baf1ee2bec%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/0521f18c-058a-472e-8ea0-89baf1ee2bec%40apereo.org?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/a/apereo.org/d/optout. -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE C017 | [email protected] -- CAS gitter chatroom: https://gitter.im/apereo/cas CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html CAS documentation website: https://apereo.github.io/cas CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/6a257564-bb4a-5573-b26f-b87fb3947770%40uvic.ca. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
