Oh! I know! https://apereo.github.io/cas/6.0.x/installation/Surrogate-Authentication.html#preselected
It is done simply by +user in REST authentication request, right? Genial! Petr On Wednesday, August 28, 2019 at 9:42:17 AM UTC+2, Petr Gašparík - AMI Praha a.s. wrote: > > Hi Misagh, > that's what I don't know for sure. > > Can be REST used for issuing TGT for different user than authenticated > one? Like "sudo make TGT for userX" ? > I studied wiki, I think sudoer needs to know user's password. > > -- > > s pozdravem > > *Petr Gašparík* > solution architect > > gsm: [+420] 603 523 860 > e‑mail: [email protected] > > *AMI Praha a.s.* > Pláničkova 11, 162 00 Praha 6 > > tel.: [+420] 274 783 239 | web: www.ami.cz > > [image: AMI Praha a.s.] > > Textem tohoto e‑mailu podepisující neslibuje uzavřít ani neuzavírá > za společnost AMI Praha a.s. > jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít výhradně > písemnou formu. > > Tento e‑mail je určen výhradně pro potřeby jeho adresáta/ů a může > obsahovat důvěrné nebo osobní > informace. Nejste‑li zamýšleným příjemcem, je zakázáno jakékoliv > zveřejňování, zprostředkování > nebo jiné použití těchto informací. Pokud jste obdrželi e‑mail > neoprávněně, informujte o tom prosím > odesílatele a vymažte neprodleně všechny kopie tohoto e‑mailu včetně > všech jeho příloh. Nakládáním > s neoprávněně získanými informacemi se vystavujete riziku právního postihu. > > > út 27. 8. 2019 v 21:45 odesílatel Misagh <[email protected]> > napsal: > >> Wouldn't step 1 and 2 also be handled using the rest protocol? >> >> On Tue, Aug 27, 2019, 6:48 PM Petr Gašparík - AMI Praha a.s. < >> [email protected]> wrote: >> >>> Hi, >>> in my proof of concept, I want piece of code (program library) to *log >>> in user to CASified application without user's password.* >>> >>> That could be done in this way: >>> >>> 1. library authenticates to CAS with its login/password >>> - CAS responds with OK/fail >>> 2. library requests to generate TGT for specified user >>> - CAS responds with TGT >>> 3. library requests ST via TGT >>> - CAS responds with ST >>> 4. library forms URL for CASified application with ST >>> 5. user is logged in to CASified application >>> >>> I know steps 3-5 are doable through REST + CAS protocol. >>> >>> *What about step 2, how to do that*? Can I for example use suggoration >>> for that? >>> >>> (CASified application means application that use CAS client to get >>> authenticated users from CAS) >>> >>> best regards >>> >>> *Petr Gašparík* >>> >>> -- >>> - Website: https://apereo.github.io/cas >>> - Gitter Chatroom: https://gitter.im/apereo/cas >>> - List Guidelines: https://goo.gl/1VRrw7 >>> - Contributions: https://goo.gl/mh7qDG >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CABAspd0yUWw42pPzBTgErQkTyoV_u1tszcjg5M7oNwRsM%3D_6Vg%40mail.gmail.com >>> >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CABAspd0yUWw42pPzBTgErQkTyoV_u1tszcjg5M7oNwRsM%3D_6Vg%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGSBKkcBb3d0m%3D_oUe-M1PZdUeoEp0%3DUYfZP6o%3DD4%2BbTHL4gHg%40mail.gmail.com >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGSBKkcBb3d0m%3D_oUe-M1PZdUeoEp0%3DUYfZP6o%3DD4%2BbTHL4gHg%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/6b753544-052f-4bdc-908c-23da8d59a9a4%40apereo.org.
