I have an application that needs to access another service, without asking
the user for their credentials again. Perfect for the CAS proxy ticket.
After finding a fairly good high-level explanation of the CAS proxy on the
wiki
http://www.ja-sig.org/wiki/display/CAS/Proxy+CAS+Walkthrough
Clear, concise, and I couldn't get it to work with URL manipulation. After
flailing around a bit I configured a servlet attached to my proxyCallbackUrl
that does the following:
ApplicationContext context =
WebApplicationContextUtils.getWebApplicationContext(getServletContext());
ProxyGrantingTicketStorage proxyTicketStorage =
(ProxyGrantingTicketStorage) context.getBean(proxyGrantingStorageBean);
CommonUtils.readAndRespondToProxyReceptorRequest(request, response,
proxyTicketStorage);
In my application I can do the following:
CasAuthenticationToken p = (CasAuthenticationToken)
request.getUserPrincipal();
String pt = p.getAssertion().getPrincipal().getProxyTicketFor("blorf");
To validate the ticket I construct a url of the form https://<my cas
server>/proxyValidate?service=<target service>&ticket=<ticket returned from
getProxyTicketFor()>
This works but, I don't like it. Is there a "best practice" for retrieving
the proxy ticket?
Thanks in advance
Dean
--
View this message in context:
http://www.nabble.com/BestPractice-Pattern--for-CAS-Proxy-Ticket-Generation--tp24095305p24095305.html
Sent from the CAS Users mailing list archive at Nabble.com.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
