We have an java webapp configured with CAS login and would like as a next step to have an easy on-ramp for M2M access to our web service endpoints.
Apache is providing "SSLVerifyClient optional" PKI authentication and CAS is setup on JBoss providing the fallback form-based user login. This works very well for a user experience in the browser. A simple use case for us would be to have a small java client program call our services providing a valid PKI certificate. In this case, we ideally do not want to have the client negotiate the CAS multiple redirects. Does anyone have any advice or authentication patterns to accommodate this scenario for non-human, authenticated access? -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
