I am not sure this is supported. We have a similar problem, where we want to provide something which we refer to as inflow login, in some cases where we don't want to redirect a user to a new application (CAS). We have analyzed CAS 3.5 restful support and it was designed for application backend to CAS communication, not as a web frontend auth mechanism.

Since we have not managed to find a resolution, we are close to reaching a conclusion that CAS may not be the right solution when inflow login is a requirement, hence seeking another solution.

We realized that once you use the restful API from the web front end, suddenly you have to store the cookie (TGC) in your root app domain and not the CAS domain, and the site needs to be HTTPS to protect against man-in-the-middle attacks.

It would be good if somebody could share more thoughts on this matter, hopefully more experienced with CAS. Does CAS 3.5 support inflow login? If not, is it a planned feature, is it against CAS core design, etc.?

Mateusz Szczap - eBay.de

From: Pronstad, Thomas [mailto:[email protected]]
Sent: Tuesday, 13 November 2012 11:02
To: [email protected]
Subject: [cas-user] SSO into an ajax rest api

Hi

We have a web application that uses a rest API over ajax. The web application has open pages that use open resources in the rest API. When a user wants access to secured pages, he is sent to CAS by the web application and logs in.

How should we now handle SSO for the rest API? As I understood the proxy protocol, it's designed for application-to-application on behalf of the user, which does not cover this scenario (I might be wrong). When the user's browser requests resources from the rest API via ajax, it won't be able to go through the standard SSO path with CAS, since browser redirects are not available in ajax.

Any ideas on how this is best designed are welcome.

Kind regards.
Thomas Pronstad

--
You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]>
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
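
The cookie concern raised in the reply above (a TGC held on the application's own domain must only ever travel over HTTPS) can be checked mechanically. The following is an added example, not part of the original thread or of CAS itself: a Python check over `Set-Cookie` values. The cookie name `CASTGC`, the domain `example.org` and the sample headers are assumptions constructed for illustration.

```python
from http.cookies import SimpleCookie

# Constructed sample Set-Cookie values (not taken from a real deployment).
SAMPLES = {
    "hardened": "CASTGC=TGT-1-constructed; Path=/cas; Secure; HttpOnly",
    "weak": "CASTGC=TGT-2-constructed; Domain=.example.org; Path=/",
    "unrelated": "JSESSIONID=constructed; Path=/",
}


def audit_tgc(set_cookie, cookie_name="CASTGC"):
    """Return findings for one Set-Cookie value ([] means nothing to report).

    cookie_name is an assumption; pass the name your deployment uses.
    """
    jar = SimpleCookie()
    jar.load(set_cookie)
    if cookie_name not in jar:
        return []  # this header does not carry the ticket-granting cookie
    morsel = jar[cookie_name]
    findings = []
    if not morsel["secure"]:
        findings.append("no Secure flag: TGC is also sent over plain HTTP")
    if not morsel["httponly"]:
        findings.append("no HttpOnly flag: page script can read the TGC")
    if morsel["domain"]:
        # A Domain attribute widens the cookie from one host to all subdomains.
        findings.append(
            "Domain=%s: TGC is sent to every host under that domain"
            % morsel["domain"]
        )
    return findings


def audit_all(samples=SAMPLES):
    """Audit every sample header and map its label to the findings."""
    return {name: audit_tgc(value) for name, value in samples.items()}


if __name__ == "__main__":
    for name, findings in audit_all().items():
        print(name, "->", findings or "ok")
```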
