Hello, I'm currently in the process of migrating a few Java appplications to a Single-Sign-On with CAS. In this application it is basically up to the single page whether authentication/authorization is required or not. Therefore using the filters in web.xml doesn't seem to be a good solution. Instead I'd like to integrate the CAS-authentication into my existing authentication code using the java objects approach described on the JA-SIG main page (although this specific code example appears to be outdated).
Unfortunately, all my attempts so far have failed. I'm lacking a comprehensive documentation on how to work without the filters or at least without the filters doing all the work. Is there any resource on this topic I haven't discovered so far? Google searches didn't yield much. Specifically I'm interested in how I have to redirect to the CAS-server for authorization (if I do it manually right now, providing a "service" parameter, I get an exception in the client app (from the validation filter) that ticket and service don't match), how to obtain the ticket/username within the client app and how to validate the ticket. For your information: The exemplary application I'm trying to integrate with CAS right now is based on Wicket. Kind regards and thanks for your advice, Martin Simons -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
