Thanks for jumping in Jerome. I have the situation where I have OAuth secured resources behind a Zuul edge gateway. The gateway is secured by CAS (OAuth & CAS). I now need a CAS secured application to be able to talk to an OAUth resource server behind the gateway.
So far, the external application authenticates successfully and retrieves it's proxy ticket ready to talk to the resource server. In theory, I could also secure the resource server with CAS to accept the proxy ticket, but this is just duplicating the work. The application is already authenticated with the gateway and has been able to get a proxy ticket for the resource server. It seems that I should be able to just 'pass the authentication' on. Would JWT be a solution if conversion to an OAuth token is not a good idea? -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/50bd7ae6-1ea3-484a-930e-d9c359ac9c88%40apereo.org.
