You should take a look at Proxy Granting Tickets, which allow an application to securely call another app on behalf of a user.

http://stackoverflow.com/questions/6368358/restful-cas-client-and-proxy-granting-tickets
https://wiki.jasig.org/display/CAS/Proxy+CAS+Walkthrough

Best,
Bill

On Tue, Nov 1, 2016 at 3:22 PM, Yan Zhou <[email protected]> wrote:
> Hello,
>
> The CAS protocol does not let the apps (CAS clients) get the TGT ticket. We
> have a need for that.
>
> We have two web apps; both are casified in CAS 4.1.X. One web app has an
> AngularJS (JavaScript) front end, and the other web app is UI-less; it just
> offers REST services.
>
> JavaScript code in App A wants to call the REST API in App B. We run into
> problems with CORS, etc. But even after CORS is enabled, we still run into
> trouble.
>
> So, the thought is, if JavaScript code can get hold of the TGT after the user
> logs in to app A, then JS code can use the CAS REST API to authenticate
> against the 2nd app (the UI-less REST services).
>
> Is that a bad idea, and how is that possible?
>
> Yan
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines:
> https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/f60e5fea-2a9b-4515-8a92-a7c2c8769497%40apereo.org.
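
The proxy-ticket exchange suggested in the reply above, sketched as an added example that is not part of the thread or of the CAS project's code: app A's backend trades its PGT for a proxy ticket scoped to app B via the CAS protocol's `/proxy` endpoint, and app B validates it via `/proxyValidate` and checks the proxy chain. Host names, ticket values and function names are hypothetical, and the XML responses are constructed samples.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlencode

# Assumed deployment values (hypothetical, not from the thread).
CAS = "https://cas.example.org/cas"
APP_B = "https://app-b.example.org/api"
APP_A_PGT_CALLBACK = "https://app-a.example.org/pgtCallback"
NS = {"cas": "http://www.yale.edu/tp/cas"}

# Constructed sample responses in the CAS XML format.
PROXY_OK = """<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
<cas:proxySuccess><cas:proxyTicket>PT-1-constructed</cas:proxyTicket></cas:proxySuccess>
</cas:serviceResponse>"""
VALIDATE_OK = """<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
<cas:authenticationSuccess><cas:user>jdoe</cas:user>
<cas:proxies><cas:proxy>https://app-a.example.org/pgtCallback</cas:proxy></cas:proxies>
</cas:authenticationSuccess></cas:serviceResponse>"""

def proxy_request_url(pgt_id):
    """App A backend: ask CAS for a proxy ticket usable only at app B."""
    return f"{CAS}/proxy?" + urlencode({"pgt": pgt_id, "targetService": APP_B})

def parse_proxy_ticket(xml_text):
    """App A backend: extract the PT; the PGT itself never leaves the server."""
    root = ET.fromstring(xml_text)
    pt = root.find("cas:proxySuccess/cas:proxyTicket", NS)
    if pt is None or not (pt.text or "").strip():
        raise PermissionError("CAS did not issue a proxy ticket")
    return pt.text.strip()

def proxy_validate_url(proxy_ticket):
    """App B: validate the presented PT against its own service URL."""
    return f"{CAS}/proxyValidate?" + urlencode({"service": APP_B, "ticket": proxy_ticket})

def accept_proxied_user(xml_text, allowed_proxies):
    """App B: accept the user only if every proxy in the chain is trusted."""
    root = ET.fromstring(xml_text)
    ok = root.find("cas:authenticationSuccess", NS)
    if ok is None:
        raise PermissionError("proxy ticket rejected by CAS")
    chain = [(p.text or "").strip() for p in ok.findall("cas:proxies/cas:proxy", NS)]
    if not chain or any(p not in allowed_proxies for p in chain):
        raise PermissionError(f"untrusted proxy chain: {chain}")
    return ok.find("cas:user", NS).text.strip()

if __name__ == "__main__":
    pt = parse_proxy_ticket(PROXY_OK)
    print(proxy_request_url("PGT-1-constructed"), proxy_validate_url(pt))
    print(accept_proxied_user(VALIDATE_OK, {APP_A_PGT_CALLBACK}))
```

In this arrangement the browser only ever talks to app A; the long-lived PGT stays on app A's server and app B sees a single-use ticket bound to its own service URL.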
