The reason we haven't is that you can obtain proxy tickets programmatically already (even if its not technically "RESTful") via the /serviceValidate or /proxyValidate call to get the PGT and then via /proxy to obtain the proxy ticket.
Is that not ideal? The goal for the RESTful API was merely to offer a way for services to utilize CAS. Cheers, Scott On Fri, Dec 18, 2009 at 8:09 AM, Arjohn Kampman < [email protected]> wrote: > Hi Scott, others, > > I have a related question: the current RESTful API seems limited to > first part of the authentication process, namely acquiring a TGT. Any > plans to extend this to cover the complete protocol including, for > instance, acquiring proxy tickets? > > Regards, > > Arjohn > > > Scott Battaglia wrote: > >> The RESTful API's API (talk about redundancy) is actually pretty flexible >> but also relatively simple: >> >> >> https://www.ja-sig.org/svn/cas3/trunk/cas-server-integration-restlet/src/main/java/org/jasig/cas/integration/restlet/TicketResource.java >> >> You can override the obtainCredentials method to obtain the credentials >> however you want, which should be what you need to parse the headers. >> >> Let me know if you have any problems. >> >> Cheers, >> Scott >> >> >> On Thu, Dec 17, 2009 at 11:46 AM, Juan Uys <[email protected] <mailto: >> [email protected]>> wrote: >> >> Hello CAS users, >> >> According to the existing REST documentation >> (http://www.ja-sig.org/wiki/display/CASUM/RESTful+API) , you have >> the following request for obtaining a ticket: >> >> <snip> >> POST /cas/tickets HTTP/1.0 >> >> username=battags&password=password&additionalParam1=paramvalue >> </snip> >> >> My requirement is a bit more elaborate. I don't want to send a >> password over the wire, but would instead like to send WSSE >> parameters, as described here >> http://www.xml.com/pub/a/2003/12/17/dive.html: >> >> <snip> >> POST /cas/tickets HTTP/1.1 >> >> Authorization: WSSE profile="UsernameToken" >> X-WSSE: UsernameToken Username="bob", >> PasswordDigest="quR/EWLAV4xLf9Zqyw4pDmfV9OY=", >> Nonce="d36e316282959a9ed4c89851497a717f", >> Created="2003-12-15T14:43:07Z" >> </snip> >> >> I literally discovered CAS today, so if someone can point me in the >> right direction (if this already exists), or I can either implement >> this myself, and/or submit a patch. >> >> Our company is a major fashion retailer, and we're building an API >> and expanding our reach onto kiosks, mobiles, RIA, etc and having a >> simple "verify" method that Apache can dispatch to CAS directly >> would be awesome. >> >> Thanks, >> Juan >> -- >> You are currently subscribed to [email protected] >> <mailto:[email protected]> as: [email protected] >> <mailto:[email protected]> >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > > -- > Arjohn Kampman, Senior Software Engineer > Aduna - Semantic Power > www.aduna-software.com > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
