Thanks for your response, I was looking at secure an endpoint by cas? Can you help me understand how this would work. I would not want a login page for any webservice call. Can you point me to some documentation to help accomplishing it with the proxy ticket method that you suggested. How is this different from Basic Http/s transport authentication for webservices?
Thank you! On Sat, May 16, 2009 at 1:58 AM, Robert Oschwald <[email protected]>wrote: > Do you mean you want to secure an endpoint by cas? Or do you want to > implement an endpoint using normal WSSE authentication together in an > application which uses CAS authentication for Webusers, also? > > The first one I have never done. > I think you must get the CAS proxy ticket (PGTIOU via the > ProxyTicketReceptor from CasAuthenticationToken) to perform the > authentication. > > The second one is quite easy. You need to configure two > authenticationManagers in your spring config. > One which performs CAS auth (for Web users) and one for webservices which > has other providers set, like a daoAuthenticationProvider. > > > Robert > > Am 16.05.2009 um 02:37 schrieb Nandini Obhrai: > > Anyone implemented webservice security with CAS. Do I have to use Spring > Security or CXF? > > Thanks > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig..org/wiki/display/JSG/cas-user > <http://www.ja-sig.org/wiki/display/JSG/cas-user> > > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
