Ismail, I'm not sure I understand completely. Are you expecting the request to the RESTful service to be made as the user who originally authenticated to the first application? Mod_auth_cas will not do this for you. In this model, you would need to have your first application submit the user name and have your RESTful service accept and act on that information. This could be submitted either using another security mechanism, or simply passed as a header or parameter, assuming the connection from the first application to the RESTful service is already secured.
Since you are working in Java, have you considered simply using the standard JASIG Java CAS Client to secure both the first application and the RESTful service, using Proxy tickets, and modifying your first application to submit the Proxy ticket as part of the REST request?

HTH,
-Matt

Matthew J. Smith
University of Connecticut UITS
[email protected]

________________________________________
From: Seyfi, Ismail [[email protected]]
Sent: Tuesday, March 08, 2011 10:01 AM
To: [email protected]
Subject: [cas-user] mod_auth_cas

Hey,

I have got a small problem I was hoping someone on the list can help me. I have set up mod_auth_cas. I have got 2 Java applications protected by it. One of the applications, after users login, sends a restful request to the other application. I was expecting "CAS User" header variable to be set by mod_auth_cas to the username of the logged in user for both of my applications. This was true for the first application but not for the second application. mod_auth_cas seemed to have set up the "CAS User" header variable for the second application as well but it was set to the hostname of the server and not the username of the user. Quick inspection of the header values showed that mod_auth_cas_s cookie was part of the header and I believe that was used to authenticate the second application. I am just not sure why mod_auth_cas is not setting the header value properly.

I initially wanted to use proxy authentication for this scenario but it is not yet supported.

Thanks in advance.

Ismail

--
You are currently subscribed to [email protected] as: [email protected]
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
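
The proxy-ticket approach suggested in the reply, sketched as an added example that is not part of the original thread or the CAS project's own code. It assumes the first application is secured with the JASIG Java CAS Client 3.x and was configured to obtain a proxy-granting ticket at login; the class name `ProxiedRestCall` and the URL `https://rest.example.edu/api/items` are hypothetical.

```java
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.jasig.cas.client.util.AbstractCasFilter;
import org.jasig.cas.client.validation.Assertion;

/** Hypothetical helper in the first application (not from the thread). */
public class ProxiedRestCall {

    // Assumed URL of the RESTful service. It must match the service URL that
    // the REST application's CAS proxy-validation filter computes for itself.
    private static final String REST_SERVICE = "https://rest.example.edu/api/items";

    public static int callAsUser(HttpServletRequest request) throws IOException {
        // The CAS client stores the validated assertion in the HTTP session.
        HttpSession session = request.getSession(false);
        Assertion assertion = (session == null) ? null
                : (Assertion) session.getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
        if (assertion == null) {
            throw new IllegalStateException("No CAS assertion: user is not authenticated");
        }

        // Ask CAS for a proxy ticket that is valid for the REST service only.
        AttributePrincipal principal = assertion.getPrincipal();
        String proxyTicket = principal.getProxyTicketFor(REST_SERVICE);
        if (proxyTicket == null) {
            // Happens when no proxy-granting ticket was obtained at login.
            throw new IllegalStateException("CAS issued no proxy ticket");
        }

        // The REST service's CAS filter reads the ticket from the "ticket"
        // parameter, validates it against CAS, and learns the real user name.
        URL url = new URL(REST_SERVICE + "?ticket=" + URLEncoder.encode(proxyTicket, "UTF-8"));
        HttpURLConnection conn = (HttpURLConnection) url.openConnection();
        conn.setInstanceFollowRedirects(false); // a redirect to CAS login means validation failed
        conn.setRequestMethod("GET");
        try {
            return conn.getResponseCode();
        } finally {
            conn.disconnect();
        }
    }
}
```

Proxy tickets are single-use, so the helper requests a fresh one for each REST call rather than caching it. On the REST side, the validation filter should restrict which proxy callback URLs it accepts so that only the first application can act on behalf of users.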
