Hi CAS Users: I'm developing a mobile application that needs to authenticate users with a CAS system. The CAS system to my knowledge is configured to handle login only via a login form.
I'm mainly concerned with the login flow with CAS for retrieving the CAS ticket. My understanding is that the browser traditionally redirects to "http(s)://cas_server/cas/login?service=http(s)://other_server/application1", which displays a webpage, handles login, and redirects back to the original service with a ticket: "http(s)://other_server/application1?ticket=ST-8670-123buTvFFjo980". If my understanding is correct, one hacky way of handling this is to: --- display " http(s)://cas_server/cas/login?service=http(s)://other_server/application1" in an embedded browser within the app, --- detect the embedded browser's url redirecting to "http(s)://other_server/application1?ticket=ST-8670-123buTvFFjo980" (or detect a response we generate from that redirected url) This should be possible, and will likely be what I'll do, unless there is some more standard solution. Has this been done before, or is there a cleaner proposed way in situations like this? Thanks! -- Dylan Jackson Cofounder, Parkify Inc. m | 805-591-0077 -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
