Jerome, The CAS secured application is from a third party that I cannot modify.
On the JWT front, I like the idea of this behind the gateway. I understand from the website that CAS JWT support is 'read only' in that it does not generate JWTs. Is generation on the roadmap? Are there any examples of JWT in action that I can reference? Cheers *Lewis Henderson* Director CobraFlow Limited M:0788 7788 436 Skype:CobraFlow www.cobraflow.com On 16 November 2016 at 10:59, Jérôme LELEU <[email protected]> wrote: > Hi, > > You may change your CAS-secured application into an OAuth-secured > application to directly retrieved an access token, but in any case, you'll > need to check this access token via the CAS server from the OAuth resource > server. > So indeed, using JWT is a way to pass identity from one app to the other, > without requiring a third-party to validate the identity. > > Best regards, > Jérôme > > > 2016-11-16 8:36 GMT+01:00 Lewis Henderson <[email protected]>: > >> Thanks for jumping in Jerome. >> >> I have the situation where I have OAuth secured resources behind a Zuul >> edge gateway. The gateway is secured by CAS (OAuth & CAS). I now need a CAS >> secured application to be able to talk to an OAUth resource server behind >> the gateway. >> >> So far, the external application authenticates successfully and retrieves >> it's proxy ticket ready to talk to the resource server. In theory, I could >> also secure the resource server with CAS to accept the proxy ticket, but >> this is just duplicating the work. The application is already authenticated >> with the gateway and has been able to get a proxy ticket for the resource >> server. It seems that I should be able to just 'pass the authentication' on. >> >> Would JWT be a solution if conversion to an OAuth token is not a good >> idea? >> >> -- >> - CAS gitter chatroom: https://gitter.im/apereo/cas >> - CAS mailing list guidelines: https://apereo.github.io/cas/M >> ailing-Lists.html >> - CAS documentation website: https://apereo.github.io/cas >> - CAS project website: https://github.com/apereo/cas >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit https://groups.google.com/a/ap >> ereo.org/d/msgid/cas-user/50bd7ae6-1ea3-484a-930e-d9c359ac9c >> 88%40apereo.org. >> > > -- > - CAS gitter chatroom: https://gitter.im/apereo/cas > - CAS mailing list guidelines: https://apereo.github.io/cas/ > Mailing-Lists.html > - CAS documentation website: https://apereo.github.io/cas > - CAS project website: https://github.com/apereo/cas > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/CAP279LyAZ%2B5z8YjviDrAOE5D- > rFg-5%3DEeGzXT5UAuYA7D%3D4-_A%40mail.gmail.com > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279LyAZ%2B5z8YjviDrAOE5D-rFg-5%3DEeGzXT5UAuYA7D%3D4-_A%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGxExJ6a%2BfSzzzzgD9mm7ea%3D2%2BW1i45a0b-Qu6uepsN-jjQa2w%40mail.gmail.com.
