Anmol,
There are lot's of resources out there..
I found the following to be very useful in understanding the overall
process/components.
https://docs.spring.io/spring-security/site/docs/3.1.x/reference/cas.html
and
https://github.com/apereo/java-cas-client
and good starting point for Annotated forms of this I found at:
https://www.baeldung.com/spring-security-cas-sso
On 2019-12-24 1:39 a.m., Anmol Budhewar wrote:
Can you refer how to get java cas client because I don't have any idea
how to build java cas client can you help me
On Thu, Dec 19, 2019, 03:00 Colin Ryan <col...@caveo.ca
<mailto:col...@caveo.ca>> wrote:
Folks,
Me again...sorry...still trying yet another way to do what I need
done...le sigh...
Anyhow all these variations now lead me to this new question,
hopefully
as I learn more about CAS my questions become more clear.
So I have my Web Application that is using Spring Security and CAS. I
need this application to support multiple dynamic contexts where each
context represents a Service definition in CAS which in turn has
varying
authentication parameters for it.
So for example if someone enters on:
Warning this link may be malicious, it actually goes to the site
"myapp.com" while displaying: https://myapp.com?profile=xxxx
<https://myapp.com?profile=xxxx> versus Warning this link may be
malicious, it actually goes to the site "myapp.com" while
displaying: https://myapp.com?profile=yyyy
<https://myapp.com?profile=yyyy>
Then the application will redirect to CAS which will match a service
pattern for ?profile=xxxx or ?profile=yyyyy which in turn allows
me to
specify a specific authentication configuration for profile xxxx
to be,
for example, LDAP, or yyyy to be RADIUS etc. Note, these are
different
authentication providers not decisions for multi-factor, so as far
as I
can tell I cannot use any of the mfa-auth triggering.
However when I write my Java Spring CAS Web client I must specify the
serviceURL in the ServiceProperties Bean. As such anything I GET
to the
web application is supplanted by the serviceURL as it's redirected to
CAS and hence I loose pattern match to different profiles at the CAS
authentication.
@Bean
public ServiceProperties serviceProperties() {
ServiceProperties serviceProperties = new
ServiceProperties();
serviceProperties.setService("https://myapp.com");
serviceProperties.setSendRenew(false);
return serviceProperties;
}
Documentation around the service parameter in other places like
mod_auth_cas etc, implies that so long as things are properly
escaped in
the URL's that they will survive the CAS redirect.
But in the Java client examples the serviceURL is in a Bean and is
hard
coded and hence all the parameter are dropped as the user is taken
over
to the CAS login screens.
Is there a way via the Java API to take the request.queryString()
contents and get that appended to the serviceURL so that when
redirected
to CAS that the parameters are preserved...i.e.
https://cas/cas/login?service=https://myapp.com?profile=xxx.
Thanks
Colin Ryan
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to cas-user+unsubscr...@apereo.org
<mailto:cas-user%2bunsubscr...@apereo.org>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/65664b69-5629-c7b5-f271-58ea62a1fedd%40caveo.ca.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to cas-user+unsubscr...@apereo.org
<mailto:cas-user+unsubscr...@apereo.org>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CADit65YP2QUSFubkDCbi4eBK7MRo_g3LSQa3WxfMY-9G19Hp9Q%40mail.gmail.com
<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CADit65YP2QUSFubkDCbi4eBK7MRo_g3LSQa3WxfMY-9G19Hp9Q%40mail.gmail.com?utm_medium=email&utm_source=footer>.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/69b36599-1592-5a40-72ac-7a86b9de8c7d%40caveo.ca.