Is there a reason you didn't just use the CAS Client filters and configure them in Spring? Was some part of that not sufficient?
On Mon, Apr 19, 2010 at 11:32 AM, Bryan Wooten <[email protected]> wrote: > We have a Spring application that is using CAS. This application does > not use the CAS client jar as a filter. The design uses a Spring > Interceptor and makes calls directly to CAS client classes. > > > > So when the application is first hit we do a “response.sendRedirect()” to > our CAS server login URL. When the application is set a request with a > “ticket” parameter it calls > org.jasig.cas.client.validation.Cas20ServiceTicketValidator.validate() > directly. The application gets the principal like this: > > > > Assertion casAssertion = this.ticketValidator.validate(myTicket, > localServiceUrl); > > String unid = casAssertion.getPrincipal().getName(); > > > > At this point we are successfully logged in and the unid is placed on the > session. For here on out the interceptor checks to see if there is a unid > on the session, if there is one then the user is assumed to be logged in and > CAS is never referenced again. > > > > What does the group think of this? > > > > Thanks, > > > > Bryan Wooten > > > > UIT Systems Administrator > > University of Utah > > > > [email protected] > > > > > > -- > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
