So, is there a way to get a SAMLResponse (given a SAMLRequest) if the user's session is established through the CAS v1 REST API?
We have a legacy desktop application that has used the CAS v1 REST API for years to authenticate users, but we have a new Service Provider that only supports SAML 2.0 (vice our historical usage of CAS 2.0/SAML 1.1 protocols). Ideally, it looks like i'd need to turn the TGT into a properly signed TGC so it could be shoved into a cookie, and follow the 302 redirects on some requests to mimic the one of the Web Browser SSO Profiles, or a REST v1 request to something like /cas/v1/tickets/TGT-123?SAMLRequest=....... Just trying to brainstorm what changes/extensions I'll need to make to support this. I recognize the "right" answer long term is to replace the legacy authentication that uses the REST API and switch to an embedded browser, that goes through the standard browser authentication process, but that would be a much larger undertaking. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/a5fa351a-707b-4c27-b96e-e5d1fad629bf%40apereo.org.
