Hi
We have a web application that uses a rest API over ajax. The web application has open pages that uses open resources in the rest API. When a user wants access to secured pages, he is sent to cas by the web application and logs in. How should we now handle sso for the rest API? As I understood the proxy protocol, it's designed for application-to-application on behalf of the user which does not cover this scenario (I might be wrong). When the users browser via ajax requests resources from the rest api it wont be able to go through the standard sso path with CAS since browser redirects is not available in ajax. Any ideas on how this is best designed is welcome. Kind regards. Thomas Pronstad -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
